[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
What level to put STARTTLS certificates
From: |
Lars Magne Ingebrigtsen |
Subject: |
What level to put STARTTLS certificates |
Date: |
Wed, 15 Jun 2011 20:29:28 +0200 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) |
I've started rewriting the TLS/auth stuff in smtpmail.el.
Today smtpmail has the following variable:
;;(setq smtpmail-starttls-credentials
;; '(("YOUR SMTP HOST" 25 "~/.my_smtp_tls.key" "~/.my_smtp_tls.cert")))
But it strikes me that this is probably on the totally wrong level. I
mean, any TLS connection can have user keys/certs connected to them, so
it seems to me that the right level to control this is on the
network-stream.el level, and not on the
smtpmail.el/pop3.el/nntp.el/imap.el level.
So I think I'll get rid of that variable, and put this stuff into
network-stream.el instead.
This won't be backwards-compatible, but should be easy for the (few)
users to fix up themselves.
I'm thinking the right place to stash this is in ~/.authinfo, since
these are credentials. The format will be
machine smtp.gmail.com port 587 tls-key file:~/.my_smtp_tls.key tls-cert
file:~/.my_smtp_tls.cert
Any objections?
Also, since I'm away Friday to Monday, I won't be committing any of this
stuff until Tuesday, when I can be more responsive to complaints about
missing bugs in the new code. :-)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog http://lars.ingebrigtsen.no/
- What level to put STARTTLS certificates,
Lars Magne Ingebrigtsen <=