From: Lars Magne Ingebrigtsen
Newsgroups: gmane.emacs.devel
Subject: What level to put STARTTLS certificates
Date: Wed, 15 Jun 2011 20:29:28 +0200
To: emacs-devel@gnu.org

I've started rewriting the TLS/auth stuff in smtpmail.el.  Today
smtpmail has the following variable:

    ;;(setq smtpmail-starttls-credentials
    ;;      '(("YOUR SMTP HOST" 25 "~/.my_smtp_tls.key" "~/.my_smtp_tls.cert")))

But it strikes me that this is probably on the totally wrong level.  I
mean, any TLS connection can have user keys/certs connected to them, so
it seems to me that the right level to control this is on the
network-stream.el level, and not on the
smtpmail.el/pop3.el/nntp.el/imap.el level.

So I think I'll get rid of that variable, and put this stuff into
network-stream.el instead.  This won't be backwards-compatible, but
should be easy for the (few) users to fix up themselves.

I'm thinking the right place to stash this is in ~/.authinfo, since
these are credentials.  The format will be

    machine smtp.gmail.com port 587 tls-key file:~/.my_smtp_tls.key tls-cert file:~/.my_smtp_tls.cert

Any objections?

Also, since I'm away Friday to Monday, I won't be committing any of this
stuff until Tuesday, when I can be more responsive to complaints about
missing bugs in the new code.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/
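
The per-host lookup proposed in the message above, sketched in Emacs Lisp as an added example; it is not code from the message or from Emacs. All `example-` names are hypothetical, the second sample line is constructed, and the parser is a stand-in written for this example rather than the auth-source library. The permission check on the key file is an extra assumption, included because the file holds a private key.

```elisp
;;; -*- lexical-binding: t -*-
(require 'cl-lib)

;; Constructed sample: line 1 uses the format proposed in the message,
;; line 2 is an ordinary password entry with no TLS credentials.
(defconst example-authinfo-text
  (concat "machine smtp.gmail.com port 587"
          " tls-key file:~/.my_smtp_tls.key tls-cert file:~/.my_smtp_tls.cert\n"
          "machine imap.example.org port 993 login alice password hunter2\n"))

(defun example-authinfo-parse-line (line)
  "Turn one netrc-style LINE into an alist of (TOKEN . VALUE) strings."
  (let ((words (split-string line "[ \t]+" t))
        entry)
    (while (cdr words)                  ; a trailing unpaired token is dropped
      (push (cons (pop words) (pop words)) entry))
    (nreverse entry)))

(defun example-file-value (value)
  "Return the expanded path of a \"file:PATH\" VALUE, or nil otherwise."
  (when (and value (string-prefix-p "file:" value))
    (expand-file-name (substring value 5))))

(defun example-tls-client-credentials (text host port)
  "Find HOST and PORT in authinfo TEXT and return (KEY-FILE CERT-FILE).
Return nil unless the matching entry names both tls-key and tls-cert."
  (cl-loop for line in (split-string text "\n" t)
           for entry = (example-authinfo-parse-line line)
           when (and (equal (cdr (assoc "machine" entry)) host)
                     (equal (cdr (assoc "port" entry)) (format "%s" port)))
           return (let ((key (example-file-value (cdr (assoc "tls-key" entry))))
                        (cert (example-file-value (cdr (assoc "tls-cert" entry)))))
                    (and key cert (list key cert)))))

(defun example-key-file-private-p (file)
  "Return non-nil if FILE exists and grants no access to group or others."
  (let ((modes (file-modes file)))
    (and modes (zerop (logand modes #o077)))))

;; Any protocol library can ask the same question for its own host and port:
;; (example-tls-client-credentials example-authinfo-text "smtp.gmail.com" 587)
;; (example-tls-client-credentials example-authinfo-text "imap.example.org" 993)
```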