Emacs core TLS support

Simon Josefsson simon at josefsson.org
Thu Sep 30 12:10:22 CEST 2010


Ted Zlatanov <tzz at lifelogs.com> writes:

>>> +PRIORITY-STRING is as per the GnuTLS docs.
>
> SJ> Maybe there could be an info hyperlink here?
>
> Sorry, you mean to the GnuTLS webserver?  I don't know if that's
> necessary.

I was thinking to the Info manual.  Just a nit...

> SJ> 2) The design makes it a bit difficult to support multiple
> SJ> credentials.  The GnuTLS API allows clients to have several
> SJ> credentials (X.509, OpenPGP, etc).  Perhaps copying the GnuTLS API
> SJ> further is more flexible.
>
> I thought of making it more flexible but I really want to get the basic
> case working.

That's probably a good idea.

> As I mentioned earlier I think GnuTLS should consider further
> extending the idea of priority strings to a full configuration
> (credentials especially) in a single string or file.  That would make
> using it so much easier from Emacs Lisp.

Hm.  Interesting, yes, it could do that.  I'm not sure it makes sense to
support at the C layer, but I'll think about it.

> I tried to figure out the TLS handshake problem but it has stumped me.
> It's taken me many hours and I still don't know what I'm missing so, as
> I mentioned in my other message, I've checked in my current state to let
> others take a look.  If you or other GnuTLS developers can help, it
> would be greatly appreciated.  Once the handshake works I will work on
> the other improvements you mentioned and on getting the GnuTLS support
> into Gnus and other parts of Emacs.

Isn't it just that you don't have a proper X.509 setup?

/Simon




More information about the Gnutls-devel mailing list