Re: ssl?
On Wed, Nov 13, 2013 at 5:37 PM, Stephen J. Turnbull
<turnbull(a)sk.tsukuba.ac.jp> wrote:
By "sync this", I meant making gnutls-cli work.
Oh, I see. Pardon me for being dense.
Surely we can match the Emacs API in Lisp, although it might be in
some cost of security or efficiency. I don't mind the incompatibility
if we have full support of things like STARTTLS negotiation for
protocols that support STARTTLS, etc.
Well ... maybe. I was having trouble seeing how to do it. I guess
what I should do is just start with the gnutls (or nss or ...) lstream
type and then see what we need to layer on top of it.
*sigh* That's a completely different set of issues. Let's
stop doing
this to ourselves. If it's a mistake not to emulate Ted Z, we can pay
for it later. Do what you think is right.
Well, the *real* problem is that I just haven't had much time for
XEmacs work for the last few months, and what time I've had I've been
spending on that libxml2 module. If this seems to be a more urgent
issue, I'll put libxml2 back on the shelf for a bit and try to get the
gnutls (or nss or ...) stuff done.
Plus, there's the problem that I never actually finished with even the
lstream part...
> Also FWIW, Fedora is trying to nudge developers towards NSS:
> http://fedoraproject.org/wiki/FedoraCryptoConsolidation.
OK, I can see the rationale (although I'd never heard of NSS vs
OpenSSL and GNUTLS, the FIPS certification is a killer argument in
favor of it as a leading candidate). Do you know why GNUTLS is
favored over OpenSSL? The latter is older, and from what I'm hearing
on emacs-devel, more stable.
I don't have any idea. I can ask, if you like.
--
Jerry James
http://www.jamezone.org/
_______________________________________________
XEmacs-Beta mailing list
XEmacs-Beta(a)xemacs.org
http://lists.xemacs.org/mailman/listinfo/xemacs-beta