Opportunistic STARTTLS in smtpmail.el (was: Emacs RPC security)

From: Lars Magne Ingebrigtsen
Subject: Opportunistic STARTTLS in smtpmail.el (was: Emacs RPC security)
Date: Mon, 02 May 2011 00:19:18 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)

Lars Magne Ingebrigtsen <address@hidden> writes:

> Hm...  perhaps I should convert smtpmail.el to use opportunistic
> STARTTLS while I'm at it. 

Oh, now I remember why I didn't do the smtpmail.el `open-network-stream'
conversion the last time.

smtpmail.el provides an option to pass TLS credentials to the server via
switches like 

"--x509keyfile" "--x509certfile"

to gnutls-cli.  `open-network-stream' has no concept of these things,
and I'm not sure gnutls.c has, either.  Ted?

If gnutls.c has, I can extend `open-network-stream' to take keywords for
the keyfile and the certfile, if that is the way we want to go.  Or
perhaps add a global variable like `smtpmail-starttls-credentials',

;;(setq smtpmail-starttls-credentials
;;      '(("YOUR SMTP HOST" 25 "~/.my_smtp_tls.key" "~/.my_smtp_tls.cert")))

but call it `network-tls-credentials', and have `open-network-stream'
deal with this stuff itself -- if it's doing a STARTTLS or a TLS
connection, it can consult the `network-tls-credentials' variable, see if
it finds a match, and then feed the required data to
starttls.el/tls.el/gnutls.c.  (*Phew*.)

But I'm wondering -- does anybody use this credential stuff for talking
to their SMTP servers?

I'd rather just delete `smtpmail-starttls-credentials' and pretend that
I've never heard about it.

Opinions, please...

(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/
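
The lookup proposed in the message above, sketched as an added example that is not code from the post or from Emacs. Every `my-' name and the sample hosts are hypothetical; the owner-only permission check on the key file is an extra assumption, and only the (HOST PORT KEYFILE CERTFILE) entry shape and the two gnutls-cli switches come from the message.

```emacs-lisp
;;; -*- lexical-binding: t -*-
;; Added example: all `my-' names are hypothetical, not part of Emacs.

(defvar my-network-tls-credentials
  ;; Constructed sample entries: (HOST PORT KEYFILE CERTFILE)
  '(("smtp.example.org" 25 "~/.my_smtp_tls.key" "~/.my_smtp_tls.cert")
    ("smtp.example.org" 587 "~/.my_submission.key" "~/.my_submission.cert"))
  "List of (HOST PORT KEYFILE CERTFILE) client-certificate entries.")

(defun my-network-tls-find-credentials (host port)
  "Return (KEYFILE CERTFILE) for HOST and PORT, or nil if none match.
Host names compare case-insensitively; PORT may be an integer or a
numeric string.  The first matching entry wins."
  (let ((port (if (stringp port) (string-to-number port) port))
        match)
    (dolist (entry my-network-tls-credentials)
      (when (and (null match)
                 (string= (downcase (nth 0 entry)) (downcase host))
                 (eql (nth 1 entry) port))
        (setq match (list (expand-file-name (nth 2 entry))
                          (expand-file-name (nth 3 entry))))))
    match))

(defun my-network-tls-check-key (keyfile)
  "Signal an error unless KEYFILE is readable and private to its owner."
  (unless (file-readable-p keyfile)
    (error "TLS key file %s is not readable" keyfile))
  ;; #o077 masks the group and other permission bits.
  (unless (zerop (logand (file-modes keyfile) #o077))
    (error "TLS key file %s is accessible to group or others" keyfile)))

(defun my-network-tls-cli-switches (host port)
  "Return extra gnutls-cli switches for HOST and PORT, or nil.
nil means no client certificate is configured for that endpoint, so
the caller connects without one."
  (let ((creds (my-network-tls-find-credentials host port)))
    (when creds
      (my-network-tls-check-key (nth 0 creds))
      (list "--x509keyfile" (nth 0 creds)
            "--x509certfile" (nth 1 creds)))))
```

Matching on both host and port keeps a key configured for one service from being presented to a different service on the same host.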
