emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opportunistic STARTTLS in smtpmail.el

From: Lars Magne Ingebrigtsen
Subject: Re: Opportunistic STARTTLS in smtpmail.el
Date: Mon, 02 May 2011 20:59:18 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) 
Ted Zlatanov <address@hidden> writes:

> LMI> "--x509keyfile" "--x509certfile"
>
> LMI> to gnutlc-cli.  `open-network-stream' has no concept of these things,
> LMI> and I'm not sure gnutls.c has, either.  Ted?
>
> Yes, definitely, with the :keyfiles and :trustfiles parameters to
> `gnutls-boot'.

Right.  Would "--x509keyfile" correspond to :keyfiles and
"--x509certfile" to :trustfiles?

> This is all nasty, nasty for the user.  The whole
> `smtpmail-starttls-credentials' structure can be replaced with
> `auth-source-search' calls for all possible use cases.  The user can
> say, for instance:
>
> machine mysmtpserver.com login tzz password mypassword keyfile "~/.keyfile"

Yes, that makes a whole lot more sense.  Hm...  but on what level would
this be checked?  `open-network-stream' could do that, but if the auth
file is a .gpg file, it'll have to ask for a password just to check
whether there is a keyfile, which, in 99.99% of the cases there won't
be.

Uhm.  How did that discussion about non-secret credentials go?  :-)

It wouldn't be backwards-compatible in any case, though -- anybody mind
if I break that for smtpmail.el?

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]