From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36003) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dyFvE-00041S-VU for guix-patches@gnu.org; Sat, 30 Sep 2017 07:27:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dyFvC-0006co-B7 for guix-patches@gnu.org; Sat, 30 Sep 2017 07:27:04 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:59620) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dyFvC-0006cO-6s for guix-patches@gnu.org; Sat, 30 Sep 2017 07:27:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dyFvB-0006xG-Qw for guix-patches@gnu.org; Sat, 30 Sep 2017 07:27:01 -0400 Subject: [bug#28170] Add gnutls/dane + use it where its needed (gnurl, libmicrohttpd, gnunet) Resent-Message-ID: Date: Sat, 30 Sep 2017 12:26:16 +0100 From: Christopher Baines Message-ID: <20170930122616.17079913@cbaines.net> In-Reply-To: <20170821095726.qtf2ko526nup4yba@abyayala> References: <20170821095726.qtf2ko526nup4yba@abyayala> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/IhHage2jmBW=HpRqIB9Kp/9"; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: ng0 Cc: 28170@debbugs.gnu.org --Sig_/IhHage2jmBW=HpRqIB9Kp/9 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 21 Aug 2017 09:57:26 +0000 ng0 wrote: > The dependency chain of GNUnet demands GnuTLS with DANE support. > You can use it without DANE, but there are certain parts which > will not work. DANE is recommended. (ports of FREEBSD uses > gnutls-dane for libmicrohttpd aswell for example). > From c9dedfd1a6f91d557006b00505a428be84102b1e Mon Sep 17 00:00:00 2001 > From: ng0 > Date: Mon, 21 Aug 2017 09:28:51 +0000 > Subject: [PATCH 1/4] gnu: gnutls: Add 'gnutls-dane'. >=20 > * gnu/packages/tls.scm (gnutls/dane): New variable. Hey, so I'm trying to do some reviewing. What was your reasoning for creating a new gnutls/dane package, rather than adding unbound to the existing gnutls package? I don't know much about GnuTLS, but it would be good to make it clear why this approach was taken, especially in the commit message and by the gnutls/dane package definition. --Sig_/IhHage2jmBW=HpRqIB9Kp/9 Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlnPf1hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE 9XcjuxAAmTfjRl3SVYN2ddLvpzeAVobt8ku3bV0x0jlDUWtv7IsQj12d3iJuA1r1 mqa8aUTaUbxlGTX/RvSfOl+1M73/V4sJWD15mVU2uBT5nvIXwK6EOUoR+ly+HkMu RB1NTh/CSitRvxypD3gZXdRHoKguaSvTll2IYfbHub14cqjHna0LpGwzzHVdYw7Z 1qvN4SwHzjN3OHZmk1n7fE+AlBpJzi1CPTGzT617VIjf5K5AtZpFADDlrw3M1CEp 5frTGOIH0cBC8ys5P4z5wX8vuUCFDhgGn9AMwT58JNmGjhCJy1w6d39HxhBhYkjD DKfO0cYQhWimueVN39EACLcO8VjpzYMP0ihs/QrbkzgGHnwL/LWjbVZizhZsQQ3q miXJQIuXf97xNJOzAG0rF4zs6Y3cwJEzFgFOq0LLGIIBqGt3BuwbJn3/E8FjcGr6 A3usvT3jLbFH4BounuBTrDJp61WqtRmcFxjjeS1aDQhMIrxRRowb+DbMcLWoC3SM VEpRcmPU4GuLcHg61QYxtKMXNIujDTZNebsP9PPkW8LIILebeeemVSc+swijPgj6 9KYNLPHkOdpYPe6qqm8shuGr0Se41nr0jEt8q54lhbhPLL2DEG9lN1MFLuo9Raag Gc5dHNmguIaLfIrozmSMtMWf0aunFwRTrRjP7itD8j9MVAwoYVs= =yU8r -----END PGP SIGNATURE----- --Sig_/IhHage2jmBW=HpRqIB9Kp/9--