[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] OpenCDK comments
|
From: |
Simon Josefsson |
|
Subject: |
Re: [gnutls-dev] OpenCDK comments |
|
Date: |
Mon, 23 Apr 2007 18:39:23 +0200 |
|
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.95 (gnu/linux) |
Timo Schulz <address@hidden> writes:
> Simon Josefsson wrote:
>
>> No, it shouldn't be. Perhaps the copy of OpenCDK inside GnuTLS can be
>> made smaller, without e.g. the keyserver files, because those have
>> caused compilation problems in the past. I'll look into that.
>
> I forgot to mention that right now there is a callback which uses
> the keyserver code. Probably it would be the best idea to remove
> them first. I'm not sure if 'auto' key retrieval is a general feature in
> GnuTLS so the code must be probably changed at a higher level.
Having the GnuTLS library itself block and retrieve keys from a
keyserver seems to be a non-starter for me. GnuTLS might want to
provide an API to ask the application to "search" for keys, but I
don't see any point in including this functionality.
OTOH, possibly gnutls-cli or gnutls-serv could be enhanced to support
keyserver retrieval of PGP keys? That could use the OpenCDK keyserver
support. OTTH, I'd rather support the GnuPG key server infrastructure
instead since it is more complete and tested (it supports DNS-based
OpenPGP retrieval for example.. :)).
/Simon
- [gnutls-dev] OpenCDK comments, Simon Josefsson, 2007/04/20
- Re: [gnutls-dev] OpenCDK comments, Timo Schulz, 2007/04/20
- Re: [gnutls-dev] OpenCDK comments, Simon Josefsson, 2007/04/22
- Re: [gnutls-dev] OpenCDK comments, Timo Schulz, 2007/04/22
- Re: [gnutls-dev] OpenCDK comments, Timo Schulz, 2007/04/22
- Re: [gnutls-dev] OpenCDK comments,
Simon Josefsson <=
- Re: [gnutls-dev] OpenCDK comments, Timo Schulz, 2007/04/23
- Re: [gnutls-dev] OpenCDK comments, Simon Josefsson, 2007/04/23
- Re: [gnutls-dev] OpenCDK comments, Timo Schulz, 2007/04/24