From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adonay Felipe Nogueira Subject: Re: Browsing Guix (or any) lists with Gmane Date: Sun, 08 Oct 2017 12:04:52 -0300 Message-ID: <8760bpsmsr.fsf@hyperbola.info> References: <87fub26clj.fsf@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:50215) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1D8Y-0001a5-9q for guix-devel@gnu.org; Sun, 08 Oct 2017 11:05:03 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1D8U-00007R-5a for guix-devel@gnu.org; Sun, 08 Oct 2017 11:05:02 -0400 Received: from relay4-d.mail.gandi.net ([2001:4b98:c:538::196]:39324) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e1D8T-00006X-Sr for guix-devel@gnu.org; Sun, 08 Oct 2017 11:04:58 -0400 Received: from adfeno-pc1 (unknown [179.105.43.141]) (Authenticated sender: adfeno@hyperbola.info) by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id C8E6D1720A5 for ; Sun, 8 Oct 2017 17:04:54 +0200 (CEST) In-Reply-To: <87fub26clj.fsf@gmail.com> (Maxim Cournoyer's message of "Sun, 01 Oct 2017 12:45:44 -0400") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Interesting... I wonder if this can be combined with the current Namazu instance? I ask because we also have Namazu which allows searching, and which I think is also provided by the provider who hosts this mailing list. Maxim Cournoyer writes: > Hello Guix! > > For Guix and Gnus (or to become) users out there, I thought I'd share > this brief post where I explained the process of setting up Gnus and Gman= e. > > Here are some benefits: > 1. No need to locally store emails; just view them over NNTP. > 2. Easily subscribe to some lists in Gnus without having to go through > the mailman registration. > 3. Much nicer/convenient UI than the web archives pages; you can post > follow-ups directly. > 4. Rich collection of some 30000+ mailing list archives. > > The main drawback I've found so far is that server-side search facility > doesn't seem to be available yet in the new Gmane. Still, it's not too > long to load the full list of messages ever post to a list and use Emacs > or Gnus native features to search/sort. > > Here's the full original post:=20 > > From: Maxim Cournoyer > Subject: Gmane with Gnus first timer > Newsgroups: gmane.emacs.gnus.user > To: info-gnus-english@gnu.org > Date: Wed, 27 Sep 2017 11:12:38 -0400 (4 days, 59 minutes, 13 seconds ago) > > Hello Gnusers! > > I've started experimenting with Gmane[1], and it seems very useful at > easily navigating archived mailing lists! > > I thought I'd share some of the details for NNTP neophytes like me; I > had the good fortune to be helped on the IRC #gnus channel by > sixbitslacker, who shared important bits of their config as well as > the Gmane's X.509 certificate necessary for proper TLS authentication. > > * Gnus configuration > > The first thing I did was adding a select method to my Gnus > configuration. I already had a `gnus-select-method' defined with my > email server, so I used `gnus-secondary-select-methods' for Gmane: > > ;; To be put in your ~/.gnus.el or similar. > (setq gnus-secondary-select-methods > '((nntp "gmane" > (nntp-address "news.gmane.org")))) > > > * Gmane TLS certificate > > I then started Gnus. I was greeted with a warning that said: > > Certificate information > Issued by: news.gmane.org > Issued to: Gmane > Hostname: news.gmane.org > Public key: RSA, signature: RSA-SHA1 > Protocol: TLS1.2, key: RSA, cipher: AES-256-GCM, mac: AEAD > Security level: Low > Valid: From 2015-01-13 to 2018-01-12 > > > The TLS connection to news.gmane.org:nntp is insecure for the > following reasons: > > certificate signer was not found (self-signed) > certificate was signed with an insecure algorithm > the certificate was signed by an unknown and therefore unstrusted authori= ty > certificate could not be verified > > > While we can't do anything about the weak SHA1 signature, we can at > least fix the other warnings by trusting the self-signed certificate > that Gmane is using. > > To do so, we must first retrieve the X.509 certificate that Gmane > uses. The OpenSSL package provides a mean to do so (credits to > sixbitslacker): > > openssl s_client -starttls smtp -connect news.gmane.org:119 > > Amongst the output you should find the server certificate, which is: > > -----BEGIN CERTIFICATE----- > MIICwjCCAiugAwIBAgIJAJOYYw06tv/WMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNV > BAYTAk5PMRMwEQYDVQQIEwpTb21lLVN0YXRlMQ4wDAYDVQQKEwVHbWFuZTEXMBUG > A1UEAxMObmV3cy5nbWFuZS5vcmcwHhcNMTUwMTEzMjExMzQ2WhcNMTgwMTEyMjEx > MzQ2WjBLMQswCQYDVQQGEwJOTzETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UE > ChMFR21hbmUxFzAVBgNVBAMTDm5ld3MuZ21hbmUub3JnMIGfMA0GCSqGSIb3DQEB > AQUAA4GNADCBiQKBgQDK4MBGhSVg3O/L0U7ME7D4kmiPShwxmu6NZzQ5UsBV3S5H > qzPBEaInGUqX0IJX2pGVMKTGOmy+Sz0aJYcKQJdJ1Zq9LAtUOk7gflxX4z4wrcng > 9bRz1z8D3/KJFyTrELZyEC8DkKEwbO4LxO3QrfxNXOkpuVZ0eUlP/AwVGN9D+QID > AQABo4GtMIGqMB0GA1UdDgQWBBRCnZpe5p9+0CKQoFm/RVzp/EmUTzB7BgNVHSME > dDBygBRCnZpe5p9+0CKQoFm/RVzp/EmUT6FPpE0wSzELMAkGA1UEBhMCTk8xEzAR > BgNVBAgTClNvbWUtU3RhdGUxDjAMBgNVBAoTBUdtYW5lMRcwFQYDVQQDEw5uZXdz > LmdtYW5lLm9yZ4IJAJOYYw06tv/WMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF > BQADgYEAQgcrfK9IN7DfqIGVwuhHZRBskbcTyD0oh11zUrr1s44sEq4pWT/ht42C > Cpn4g+mCCOLewLT+MAHxs7Acxbkxd+lQyRVWknVLHNQL48dUrQX9QCEZVcLHcZmL > w2mmmDMfRgLNKdNDO60BMtK/EGGaaYmLY+B4EzQtSVGRZfANXLg=3D > -----END CERTIFICATE----- > > Save this file somewhere, say, to "~/.gnutls/gmane.pem". Now we must > configure Emacs to trust this certificate. One easy way is to add this > line to your ~/.emacs file: > > (add-to-list 'gnutls-trustfile "~/.gnutls/gmane.pem") > > Another other options to make it globally trusted would be to place the > file under /etc/ > > Eval this line (C-M-x or C-x C-e on that s-exp) and restart Gnus. The > only remaining warning should be the one about the weak SHA1 signature: > > When I did, Emacs still complained that the server was deemed insecure > because the "certificate signer was not found (self-signed)". I am not > sure why it persists warning me about a self-signed certificate after > I've explicitly given it my trust, nor do I know why the weak SHA1 issue > is not raised anymore... But anyway, I consider our due diligence done, > so at this point you may choose "Always" when presented the security > prompt. > > * Browsing lists with Gmane > > You should now be in the plain old *Group* buffer, with nothing new in > it. To actually navigate the mailing lists archived by Gmane, you may > press the '^' key to show a list of the known servers. It should contain > an entry for the newly added news.gmane.org news server, such as: > > {nntp:gmane} (opened) > > Finally, by clicking (on typing RET) on that gmane entry, you should now > have access to a huge collection of archived mailing lists (31682 at the > time of writing), which can be comfortably browsed in a Gnusy way. You > can also subscribe using 'u', to show some of these in your *Group* > buffer. > > * Posting to a Gmane > > Instead of sending an email with 'm', you can now send an article (the > equivalent in the world of news) with the 'a' key. This long text is my > first attempt at doing so; if you received it, it's because it worked! > > Happy hacking, > > Maxim > > [1] http://gmane.org > > > > After you're all set with Gmane you can view and reply to the original > post at gmane.emacs.gnus.user. > > I hope this can be useful to someone! > > Maxim > --=20 - https://libreplanet.org/wiki/User:Adfeno - Palestrante e consultor sobre /software/ livre (n=C3=A3o confundir com gratis). - "WhatsApp"? Ele n=C3=A3o =C3=A9 livre. Por favor, veja formas de se comun= icar instantaneamente comigo no endere=C3=A7o abaixo. - Contato: https://libreplanet.org/wiki/User:Adfeno#vCard - Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft Office, MP3, MP4, WMA, WMV. - Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU GIMP, Inkscape SVG, JPG, LibreOffice (padr=C3=A3o ODF), OGG, OPUS, PDF (apenas sem DRM), PNG, TXT, WEBM.