From mboxrd@z Thu Jan  1 00:00:00 1970
From: Hartmut Goebel <h.goebel@goebel-consult.de>
Subject: Re: [PATCH 1/1] gnu: Add acme-client.
Date: Sat, 3 Sep 2016 09:43:03 +0200
Message-ID: <57CA7F07.9060807@goebel-consult.de>
References: <cover.1472827750.git.leo@famulari.name>
	<f1649dd9aafe811c930ddaca825dbffe82e20818.1472827750.git.leo@famulari.name>
	<57C9BE93.7090206@goebel-consult.de> <20160902185028.GB31756@jasmine>
Mime-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
	micalg=sha-256; boundary="------------ms020907090800070304040402"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40341)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <h.goebel@goebel-consult.de>) id 1bg5bb-00063X-JY
	for guix-devel@gnu.org; Sat, 03 Sep 2016 03:43:12 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <h.goebel@goebel-consult.de>) id 1bg5bX-0001DV-Er
	for guix-devel@gnu.org; Sat, 03 Sep 2016 03:43:10 -0400
Received: from mail-out.m-online.net ([2001:a60:0:28:0:1:25:1]:56069)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <h.goebel@goebel-consult.de>) id 1bg5bX-0001DP-4p
	for guix-devel@gnu.org; Sat, 03 Sep 2016 03:43:07 -0400
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
	by mail-out.m-online.net (Postfix) with ESMTP id 3sR7JT6FsYz3hlN9
	for <guix-devel@gnu.org>; Sat,  3 Sep 2016 09:43:05 +0200 (CEST)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.68])
	by mail.m-online.net (Postfix) with ESMTP id 3sR7JT56m1zvlf2
	for <guix-devel@gnu.org>; Sat,  3 Sep 2016 09:43:05 +0200 (CEST)
Received: from mail.mnet-online.de ([192.168.8.182])
	by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new,
	port 10024) with ESMTP id p3Kne-Z_9vfX for <guix-devel@gnu.org>;
	Sat,  3 Sep 2016 09:43:04 +0200 (CEST)
Received: from hermia.goebel-consult.de
	(ppp-188-174-145-37.dynamic.mnet-online.de [188.174.145.37])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.mnet-online.de (Postfix) with ESMTPS
	for <guix-devel@gnu.org>; Sat,  3 Sep 2016 09:43:04 +0200 (CEST)
Received: from [192.168.110.2] (lenashee.goebel-consult.de [192.168.110.2])
	by hermia.goebel-consult.de (Postfix) with ESMTP id A1955604CE
	for <guix-devel@gnu.org>; Sat,  3 Sep 2016 09:43:03 +0200 (CEST)
In-Reply-To: <20160902185028.GB31756@jasmine>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

This is a cryptographically signed message in MIME format.

--------------ms020907090800070304040402
Content-Type: multipart/alternative;
 boundary="------------080400070103070106010806"

This is a multi-part message in MIME format.
--------------080400070103070106010806
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Am 02.09.2016 um 20:50 schrieb Leo Famulari:
> On Fri, Sep 02, 2016 at 08:01:55PM +0200, Hartmut Goebel wrote:
>> Am 02.09.2016 um 16:49 schrieb Leo Famulari:
>>> +    (name "acme-client")
>>>
> Suggestions?

acme-client-openbsd? But given that this is a stupid name, and given
that
https://www.metachris.com/2015/12/comparison-of-10-acme-lets-encrypt-clie=
nts/
does not list a program with this name, may we should stick with the
official name.


>
>> *shiver* Why would one implement this in an language like C, which is
>> prone to buffer overflows, if there are implementations available in
>> more secure languages?
> I wouldn't propose this package if it wasn't part of OpenBSD's base
> system:

I'm sorry, no offence meant! I only wanted do express my doubt about
using C if other implementations are available. (I just had a look at
the source, which did not make me more confident in this piece of
software; as far as can see they implement a  a http-client from stretch
and include a json-parse instead of linking one.) I also know, OpenBSD
delivers good software.

It's not our job to decide what software a sysadmin should install. It's
the sysadmin's responsibility. Our job as distribution-builders is to=20
provide software to the sysadmin.

--=20
Sch=C3=B6nen Gru=C3=9F
Hartmut Goebel
Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer
Information Security Management, Security Governance, Secure Software
Development

Goebel Consult, Landshut
http://www.goebel-consult.de

Blog: http://www.goebel-consult.de/blog/verschlusselte-mailingslisten
Kolumne: http://www.cissp-gefluester.de/2010-07-passwoerter-lieben-lernen=



--------------080400070103070106010806
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html>
  <head>
    <meta content=3D"text/html; charset=3Dutf-8" http-equiv=3D"Content-Ty=
pe">
  </head>
  <body text=3D"#000000" bgcolor=3D"#FFFFFF">
    <div class=3D"moz-cite-prefix">Am 02.09.2016 um 20:50 schrieb Leo
      Famulari:<br>
    </div>
    <blockquote cite=3D"mid:20160902185028.GB31756@jasmine" type=3D"cite"=
>
      <pre wrap=3D"">On Fri, Sep 02, 2016 at 08:01:55PM +0200, Hartmut Go=
ebel wrote:
</pre>
      <blockquote type=3D"cite">
        <pre wrap=3D"">Am 02.09.2016 um 16:49 schrieb Leo Famulari:
</pre>
        <blockquote type=3D"cite">
          <pre wrap=3D"">+    (name "acme-client")

</pre>
        </blockquote>
      </blockquote>
      <pre wrap=3D"">
Suggestions?</pre>
    </blockquote>
    <br>
    acme-client-openbsd? But given that this is a stupid name, and given
    that
    <a class=3D"moz-txt-link-freetext" href=3D"https://www.metachris.com/=
2015/12/comparison-of-10-acme-lets-encrypt-clients/">https://www.metachri=
s.com/2015/12/comparison-of-10-acme-lets-encrypt-clients/</a>
    does not list a program with this name, may we should stick with the
    official name.<br>
    <br>
    <br>
    <blockquote cite=3D"mid:20160902185028.GB31756@jasmine" type=3D"cite"=
><br>
      <blockquote type=3D"cite">
        <pre wrap=3D"">*shiver* Why would one implement this in an langua=
ge like C, which is
prone to buffer overflows, if there are implementations available in
more secure languages?
</pre>
      </blockquote>
      <pre wrap=3D"">
I wouldn't propose this package if it wasn't part of OpenBSD's base
system:
</pre>
    </blockquote>
    <br>
    I'm sorry, no offence meant! I only wanted do express my doubt about
    using C if other implementations are available. (I just had a look
    at the source, which did not make me more confident in this piece of
    software; as far as can see they implement a=C2=A0 a http-client from=

    stretch and include a json-parse instead of linking one.) I also
    know, OpenBSD delivers good software.<br>
    <br>
    It's not our job to decide what software a sysadmin should install.
    It's the sysadmin's responsibility. Our job as distribution-builders
    is to=C2=A0 provide software to the sysadmin.<br>
    <br>
    -- <br>
    <div class=3D"moz-signature"><span style=3D"color:black">
        Sch=C3=B6nen Gru=C3=9F <br>
        Hartmut Goebel <br>
      </span>
      <span style=3D"font-size:smaller">Dipl.-Informatiker (univ), CISSP,=

        CSSLP, ISO 27001 Lead Implementer</span><br>
      <span style=3D"font-size:smaller">Information Security Management,
        Security Governance, Secure Software Development</span>
      <p style=3D"color:black" lang=3D"de">
        Goebel Consult, Landshut <br>
        <a style=3D"color:black" href=3D"http://www.goebel-consult.de">ht=
tp://www.goebel-consult.de</a>
      </p>
      <p style=3D"color:grey;font-size:smaller">
        Blog:
        <a style=3D"color:grey !important;text-decoration:none !important=
"
href=3D"http://www.goebel-consult.de/blog/verschlusselte-mailingslisten">=
http://www.goebel-consult.de/blog/verschlusselte-mailingslisten</a>
        <br>
        Kolumne:
        <a style=3D"color:grey !important;text-decoration:none !important=
"
href=3D"http://www.cissp-gefluester.de/2010-07-passwoerter-lieben-lernen"=
>http://www.cissp-gefluester.de/2010-07-passwoerter-lieben-lernen</a>
      </p>
    </div>
  </body>
</html>

--------------080400070103070106010806--

--------------ms020907090800070304040402
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC
BYswggWHMIIDb6ADAgECAgMR5Y4wDQYJKoZIhvcNAQENBQAweTEQMA4GA1UEChMHUm9vdCBD
QTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNp
Z25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2VydC5vcmcwHhcN
MTYwMzI5MDk1NTAzWhcNMTYwOTI1MDk1NTAzWjBFMRgwFgYDVQQDEw9DQWNlcnQgV29UIFVz
ZXIxKTAnBgkqhkiG9w0BCQEWGmguZ29lYmVsQGdvZWJlbC1jb25zdWx0LmRlMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykbRbJ57m2Wx9zb8EBr9nMk46l9VRzELF//iqO03
wrtAaROtXXC8o8jK8Ah32vnJjpvsToNK3vB+AuHvFZtDA4nanRZpZJvHZhMfH4hYL2+2IQMG
xlHvWBc+3PiPotZE8pA2xvfM3raiY4DRqbKjWFa13gdShFDF9V3kQ0QaSsvV7oS44OFkgIlY
k3ZK/27x6tkYQ3N9R4xRADl4BmGzupDXxFUM+pTEjg7xfqr2WS7fnA4OLoUcIgrgrAVSqEkR
rcstQKOT07FzO1WaCpNGIJJt6ixts2ng4blUsrYfX+Zdu9cL0RkE1ZMn5GvNlZyQWMzuBl/C
EXiNaDE/1az5ewIDAQABo4IBSjCCAUYwDAYDVR0TAQH/BAIwADBWBglghkgBhvhCAQ0ESRZH
VG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQgb3ZlciB0byBodHRw
Oi8vd3d3LkNBY2VydC5vcmcwDgYDVR0PAQH/BAQDAgOoMEAGA1UdJQQ5MDcGCCsGAQUFBwME
BggrBgEFBQcDAgYKKwYBBAGCNwoDBAYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUF
BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzAxBgNVHR8EKjAo
MCagJKAihiBodHRwOi8vY3JsLmNhY2VydC5vcmcvcmV2b2tlLmNybDAlBgNVHREEHjAcgRpo
LmdvZWJlbEBnb2ViZWwtY29uc3VsdC5kZTANBgkqhkiG9w0BAQ0FAAOCAgEAG4saZUHqi9Gk
kLRWCd/Ir7yA6mTHmhkXZuiHwdUbCtIX+zvXx3H+SJ5rKCn1lgPFTtNcmaikSkEv3NJaCdkO
y+VR7A1PGkG2iVVfy2xcPEhyDf1OdIHUANLjWZ9sPm8ThGgf+WLIirC0JfHfxQzJCkmxIrAM
m6eVI32utOYdibzAcM30/engjUDyXqfWI27oMQJfqFdIQmbpHNkaTiTGNDj+Rtm/C3bepcyu
mPK1Me/psFi/Lrm5/0cYO9WYrtcvneDfJ1cA0lv2CO+pQrHYNrg1eN5MiVFgf/1ZZn7491ka
5Anjv2qzkaE/KlSkD0jbIJiVM7sjclbawArPB1nInwE3flnDylYxsEuyS64ehRV3oWgePgQ2
ntxmkRk/8ECm8HO0IZdu/WLl1WwDERRPRQZs5PZhhL0RVOA+o4TY/cvqcu16e8S6jaMFQVKe
pdGfZFcLOtxYBPEjdmisBaBv7uzaQdTMTSbEFuA4Gtlbf913QSQmigtxRAlwUQlbtMib6+KP
OWxFaoBmIzryxGLdOph8XacpFmgJ4LuBavl9Jic4oCvaelZ3cAMjUCSv3+HiRdhL6o0ujNb6
tCzsf6r3VSU7g5REHSkku1sVUy5Wdrl3QzvostEVIpLrD6HtMiNKcq9az4IJN14GjFowMHx3
Uo8j/TXzjRH0TlptQlLrnPoxggOxMIIDrQIBATCBgDB5MRAwDgYDVQQKEwdSb290IENBMR4w
HAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu
ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZwIDEeWOMA0G
CWCGSAFlAwQCAQUAoIICATAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJ
BTEPFw0xNjA5MDMwNzQzMDNaMC8GCSqGSIb3DQEJBDEiBCBjom8TgAE8AD2zIjz97lYZj+Hf
nTLYKvCGaQcOn5HAHTBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQME
AQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIH
MA0GCCqGSIb3DQMCAgEoMIGRBgkrBgEEAYI3EAQxgYMwgYAweTEQMA4GA1UEChMHUm9vdCBD
QTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNp
Z25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2VydC5vcmcCAxHl
jjCBkwYLKoZIhvcNAQkQAgsxgYOggYAweTEQMA4GA1UEChMHUm9vdCBDQTEeMBwGA1UECxMV
aHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNpZ25pbmcgQXV0aG9y
aXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2VydC5vcmcCAxHljjANBgkqhkiG9w0B
AQEFAASCAQC5fzBweNNV9v9TRxkjhqCZoh00eyvQWWJxoLEBYZEhCCIpJM3S1Pz1hF5L9hKZ
UUbojTrJVO9I53EGH57xiJImfsCBa+qyAZtWim/sUybeRXhVbxmYU1XcU2jEkfFnwFmEk0fm
maINUs2DRbYrp1F4xJ1Ebo5GeEWij4NSHvmo5km45/Fq9HLuOUP9hysk8V8wsHdQBWMDrDT9
oRp4AjV60ZoHtn9pfgkhPm+PmZs199KlWanxtEUTziMUWk0eZXbuWzUmU37uNHEfbMpoBFAF
2DuxPXGQj4CSt5Q7Ei9aIKEA7zjipVcyJYXKIQKaBnVX/SVAIfGFy5+vAQBQXZXHAAAAAAAA

--------------ms020907090800070304040402--