From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/61007 Path: news.gmane.org!not-for-mail From: Alexander Kotelnikov Newsgroups: gmane.emacs.gnus.general Subject: Re: SSL-enabled protocols Date: Fri, 23 Sep 2005 14:57:06 +0400 Organization: Global disintoxication Message-ID: <87vf0s6ohp.fsf@vinci.loc> References: <87zmq5s5nh.fsf@myxomop.com> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1127473712 26402 80.91.229.2 (23 Sep 2005 11:08:32 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Fri, 23 Sep 2005 11:08:32 +0000 (UTC) Original-X-From: ding-owner+m9539@lists.math.uh.edu Fri Sep 23 13:08:29 2005 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by ciao.gmane.org with esmtp (Exim 4.43) id 1EIlOL-0003EE-FF for ding-account@gmane.org; Fri, 23 Sep 2005 13:06:57 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu ident=lists) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1EIlOC-0003SJ-00; Fri, 23 Sep 2005 06:06:48 -0500 Original-Received: from nas02.math.uh.edu ([129.7.128.40]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1EIlJr-0003SB-00 for ding@lists.math.uh.edu; Fri, 23 Sep 2005 06:02:19 -0500 Original-Received: from quimby.gnus.org ([80.91.224.244]) by nas02.math.uh.edu with esmtp (Exim 4.52) id 1EIlJk-000378-Jr for ding@lists.math.uh.edu; Fri, 23 Sep 2005 06:02:18 -0500 Original-Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1EIlJj-0001wp-00 for ; Fri, 23 Sep 2005 13:02:11 +0200 Original-Received: from list by ciao.gmane.org with local (Exim 4.43) id 1EIlIG-0001np-K4 for ding@gnus.org; Fri, 23 Sep 2005 13:00:40 +0200 Original-Received: from 81.211.124.120.adsl-spb.net.rol.ru ([81.211.124.120]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 23 Sep 2005 13:00:40 +0200 Original-Received: from sacha by 81.211.124.120.adsl-spb.net.rol.ru with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 23 Sep 2005 13:00:40 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: ding@gnus.org Original-To: ding@gnus.org Original-Lines: 25 Original-X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 81.211.124.120.adsl-spb.net.rol.ru Mail-Copies-To: never User-Agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/21.4 (gnu/linux) Cancel-Lock: sha1:TA55GrKcbIMLhaDrwE4YPxdlLRA= X-Spam-Score: -1.3 (-) Precedence: bulk Original-Sender: ding-owner@lists.math.uh.edu Xref: news.gmane.org gmane.emacs.gnus.general:61007 Archived-At: >>>>> On Fri, 23 Sep 2005 10:54:53 +0200 >>>>> "SJ" == Simon Josefsson wrote: SJ> SJ> Alexander Kotelnikov writes: >> Hello. >> >> Can anyone clarify to me, how should one use imaps/nntps? I belive, >> openssl/gnutsl-cli usage for opening these connections is absolutely >> unacceptable, since these programs maintain a connection even if >> certificates check fails. I use stunnel for imaps, but for >> not-still-investigated reasons it does not work for nntps. Is there any >> other ways? SJ> SJ> I have fixed gnutls-cli so that if you supply a --x509cafile or SJ> --pgptrustdb parameter, and the server certificate validation fails, SJ> the program will terminate. So you should be able to use tomorrow's SJ> GnuTLS snapshot with Gnus to achieve what you want. I can't help you SJ> with nntps. Oh, thanks. This should help with nntps either, even an approach used in stunnel (when user can tell in what conditions to abort a connection) seems to be more elegant. -- Alexander Kotelnikov Saint-Petersburg, Russia