From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/72384 Path: news.gmane.org!not-for-mail From: Bruno Tavernier Newsgroups: gmane.emacs.gnus.general Subject: Allow network login over secured network Date: Fri, 01 Oct 2010 18:40:40 +0900 Message-ID: <878w2ijlnr.fsf@gmail.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1285926360 5020 80.91.229.12 (1 Oct 2010 09:46:00 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 1 Oct 2010 09:46:00 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M20757@lists.math.uh.edu Fri Oct 01 11:45:59 2010 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1P1cBg-000650-VJ for ding-account@gmane.org; Fri, 01 Oct 2010 11:45:57 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1P1cBf-00035Y-HN; Fri, 01 Oct 2010 04:45:55 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1P1cBe-00035G-6U for ding@lists.math.uh.edu; Fri, 01 Oct 2010 04:45:54 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtp (Exim 4.72) (envelope-from ) id 1P1cBd-00074P-5Y for ding@lists.math.uh.edu; Fri, 01 Oct 2010 04:45:54 -0500 Original-Received: from mail-px0-f172.google.com ([209.85.212.172]) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1P1cBc-0007Ot-00 for ; Fri, 01 Oct 2010 11:45:52 +0200 Original-Received: by pxi6 with SMTP id 6so1309365pxi.17 for ; Fri, 01 Oct 2010 02:45:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :message-id:user-agent:mime-version:content-type; bh=tw4uKeNXKRf4LRjKuub30vWk2Zr8F0Ergu4HnoFt2yM=; b=oJzLbKnAk5vj/Jh+lsVnuCWX5x2MZr+actMWBW61NNZF8TU2aeZZ879buECR6r6FSQ n/Du+kBOwN0vlTJUCI1+ixPtt1gSCv6Zf6BsB40MYEv1Q5kXpxBI2dnoW5dbeJkBs4rz m2BrzGgkkg12XTAhhHjsEWReZIYNPc1wTQKhY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:message-id:user-agent:mime-version :content-type; b=lD5UBaSgHk8auXBTW+tfuXqtleneq1rNRuHMXmpnA+LN1xiPNFhOHZUBo3kAPxgoSg /STl9EnAHP0rZkOAZcs1OpCoWgDbOxPHJX2/ui1c4EFueCf7rsSgxgFbcAtQ86cCOCLI RzrKiP98y+V0aMZ0nTZJgHlzvp0IFqJyFPP9g= Original-Received: by 10.114.89.15 with SMTP id m15mr5942176wab.106.1285926320562; Fri, 01 Oct 2010 02:45:20 -0700 (PDT) Original-Received: from fc3-b ([150.82.207.21]) by mx.google.com with ESMTPS id c10sm1533795wam.1.2010.10.01.02.45.18 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 01 Oct 2010 02:45:19 -0700 (PDT) User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) X-Spam-Score: -2.0 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:72384 Archived-At: Here is the story: When one is behind a proxy with limited access (i.e. http and https) it is sometime convenient to create some ssh tunnels to reach freedom. In our case, mails and news server. ;-) In such a case, the connection being already secured by ssh, it makes sense to simply login with for instance (nnimap-stream network). I guess the performance hit of a double layer of encryption (ssh+tls) is no huge, but still. However, with the commit below, connecting over ssh to starttls capable server automatically upgrade "network" to "starttls". 2010-09-30 Lars Magne Ingebrigtsen * nnimap.el (nnimap-open-connection): Reinstate the auto-upgrade from unencrypted to STARTTLS, if possible. Would it be possible to do something like: Gnus default option -> "starttls" (as its seems to be the favored method and plain text connection is *bad*) When user wants to use "network", well, if they set the option they know what they're doing (or let's hope so). :-) -- Bruno