[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Testing the gnutls support

From: Lars Magne Ingebrigtsen
Subject: Re: Testing the gnutls support
Date: Sun, 10 Oct 2010 17:26:49 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> 1) we should be verifying the host name matches the certificate--but
> should this be done in gnutls.el or gnutls.c?

The negotiation is done in emacs_gnutls_read now, sort of, isn't it?
I'm not quite sure how to pass that info back to Elisp land -- it'd have
to be a callback of some sort, wouldn't it?

> 2) we should set up a verification callback (but this is not available
> in mainstream Debian/Ubuntu yet, since it's new in 2.10).  In the
> callback we should let the user accept an invalid certificate.  I'd like
> to defer this until 2.10 is in the Debian mainstream.

Sounds OK to me.

> 3) We should give users a way to accept certificates.  Right now they
> can pass a list of trust file names themselves but I think this should
> be a more general facility.


(domestic pets only, the antidote for overdose, milk.)
  address@hidden * Lars Magne Ingebrigtsen

reply via email to

[Prev in Thread] Current Thread [Next in Thread]