Gnus development mailing list
From: "Arne Jørgensen" <arne@arnested.dk>
Cc: ding@gnus.org
Subject: Re: Get certificate from LDAP for S/MIME encryption (patch)
Date: Mon, 14 Feb 2005 23:50:43 +0100	[thread overview]
Message-ID: <87wtta92nw.fsf@seamus.arnested.dk> (raw)
In-Reply-To: <ilu1xbiydkc.fsf@latte.josefsson.org> (Simon Josefsson's message of "Mon, 14 Feb 2005 23:36:03 +0100")

Simon Josefsson <jas@extundo.com> writes:

> Arne Jørgensen <arne@arnested.dk> writes:

>> The funny (load-library "net/ldap") was because the eudc package on my
>> debian had an incompatible ldap.elc installed, but that might be a
>> debian bug.
>
> I think it should be reported as a Debian bug.  If it turns out this
> might affect many people, maybe we can analyze the situation further
> and come up with something better.

Already reported
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295285>

>>> Is auto-querying from LDAP sources reliable?  Is there any suitable
>>> default-value for `smime-ldap-host-list'?  It should be very safe to
>>> auto-query DNS.
>>
>> Well, the default value, nil, should be fine. Then no certificate is
>> returned. And if the certificate is not found on the servers it asks,
>> nil is returned too. It should be pretty safe...
>
> And what if there is a non-nil value in the variable?  Will the code
> fall back and return nil on any failures?  I.e., missing openldap,
> network timeouts etc.  Or will it throw an error?  The latter should
> be avoided, IMHO.

There's room for testing here ;-) I'll have a closer look on
Wednesday.

>> Didn't you work on integrating the gnutls libraries in emacs a long
>> time ago? Could gnutls do s/mime stuff too?
>
> There is some PKCS#7 stuff in gnutls, so it might be possible to make
> that work.  But if gpgsm is supposed to be a free and generic S/MIME
> implementation, I think we should try to avoid reinventing it before
> we have tried harder to use it.  I'll have another go at it sometime.

You're right. From time to time I just dream about not having to
depend on external programs -- after debugging with different versions
of openldap and an openssl 0.9.7d (FC2) that segfaulted on
smime -encrypt.

>> Another thing I was thinking of was verifying user certificates
>> received through dns/ldap/filecache before using them. If we
>> auto-query them, we shouldn't stop at the first certificate found in
>> the search path but at the first that verifies.
>
> User configurable, though. 

Of course.

> I would want an approach that, if there are multiple matching
> certificates, uses one of those certificates that verifies, if any, but
> otherwise just picks any of them.

Yes, or if no verifiable certificates are found, ask (configurable)
whether to use a certificate that doesn't verify.

>> And then I just found a bug when you want to read a mail with an
>> encrypted attachment.
>
> Send a patch. :)

Sure. I'll look into it Wednesday.

Kind regards,
-- 
Arne Jørgensen <http://arnested.dk/>
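The two behaviours discussed above (a lookup that falls back to nil on any failure instead of signalling, and preferring the first candidate certificate that verifies, with a configurable fallback to an unverified one) can be sketched in Emacs Lisp like this. This is an added example, not the patch under discussion nor code from Gnus; the `my-smime-*` names, the `my-smime-use-unverified-cert` option and the assumption that each lookup function returns a list of PEM strings are hypothetical. `smime-openssl-command` and `smime-CA-file` are the existing smime.el variables, and verification shells out to `openssl verify`, as smime.el itself relies on the openssl binary.

```elisp
;; Added example (not Gnus's own code). Assumes `smime-CA-file' is set
;; and that each lookup function takes an address and returns a list of
;; PEM-encoded certificate strings (possibly empty).

(require 'smime)  ; for `smime-openssl-command' and `smime-CA-file'

(defcustom my-smime-use-unverified-cert 'ask
  "What to do when no fetched certificate verifies.
nil  -- use none (the lookup returns nil)
t    -- silently use the first candidate
ask  -- prompt the user (the default)"
  :type '(choice (const :tag "Use none" nil)
                 (const :tag "Use first candidate" t)
                 (const :tag "Ask" ask))
  :group 'smime)

(defun my-smime-safe-query (query-fn address)
  "Call QUERY-FN on ADDRESS; return its result, or nil on any error.
A missing ldap.el, a network timeout or a server error all end up
here as an `error' condition and are turned into nil rather than
aborting the caller (the point Simon raised above)."
  (condition-case err
      (funcall query-fn address)
    (error
     (message "smime: lookup via %s failed: %s"
              query-fn (error-message-string err))
     nil)))

(defun my-smime-collect-candidates (address sources)
  "Run every lookup in SOURCES for ADDRESS and append the results.
SOURCES is a list of functions; its order is the search path."
  (apply #'append
         (mapcar (lambda (fn) (my-smime-safe-query fn address)) sources)))

(defun my-smime-cert-verifies-p (cert)
  "Non-nil if CERT (a PEM string) verifies against `smime-CA-file'.
`openssl verify' reads the certificate from stdin when no file is
given and exits 0 only on a successful chain verification."
  (with-temp-buffer
    (insert cert)
    (zerop (call-process-region (point-min) (point-max)
                                smime-openssl-command nil nil nil
                                "verify" "-CAfile" smime-CA-file))))

(defun my-smime-select-certificate (address sources)
  "Return the certificate to encrypt to ADDRESS, or nil.
Prefer the first candidate that verifies; if none does, behave
according to `my-smime-use-unverified-cert'."
  (let ((cands (my-smime-collect-candidates address sources))
        (rest nil)
        (good nil))
    (setq rest cands)
    (while (and rest (not good))
      (when (my-smime-cert-verifies-p (car rest))
        (setq good (car rest)))
      (setq rest (cdr rest)))
    (cond
     (good good)
     ((null cands) nil)
     ((eq my-smime-use-unverified-cert t) (car cands))
     ((and (eq my-smime-use-unverified-cert 'ask)
           (y-or-n-p (format "No verifiable certificate for %s; use an unverified one? "
                             address)))
      (car cands))
     (t nil))))

;; Usage (hypothetical lookup functions):
;; (my-smime-select-certificate "alice@example.org"
;;                              (list #'my-smime-ldap-lookup
;;                                    #'my-smime-dns-lookup
;;                                    #'my-smime-cache-lookup))
```

Because every lookup is wrapped in `condition-case`, a broken LDAP setup or an unreachable host costs a `message` and an empty contribution rather than an aborted send; the selection step then only ever returns an unverified certificate when the user has opted in, either globally or at the prompt.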




Thread overview: 13+ messages
2005-02-12 20:08 Arne Jørgensen
2005-02-13  0:22 ` Simon Josefsson
2005-02-13 16:10   ` Arne Jørgensen
2005-02-17 23:32     ` Arne Jørgensen
2005-02-13 20:02   ` Arne Jørgensen
2005-02-14 13:42   ` Arne Jørgensen
     [not found]   ` <877jlbrzdq.fsf@seamus.arnested.dk>
2005-02-14 15:37     ` Simon Josefsson
2005-02-14 19:01       ` Arne Jørgensen
2005-02-14 22:36         ` Simon Josefsson
2005-02-14 22:50           ` Arne Jørgensen [this message]
2005-02-14 23:02             ` Simon Josefsson
2005-02-17 23:27           ` Arne Jørgensen
2005-02-22 16:57             ` Simon Josefsson
