Re: [Exim] Snapshot for GnuTLS testing

Top Page
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Philip Hazel
CC: exim-users
Subject: Re: [Exim] Snapshot for GnuTLS testing
Philip Hazel wrote:
> I have updated the Exim development snapshot that is available in
>
> ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot.tar.gz
>
> The snapshot version is now 4.10.9.
>
> The main reason for this snapshot is that I have just spent some time making it
> work with GnuTLS as an alternative to OpenSSL. Nikos Mavroyanopoulos sent me
> some "proof of concept" code, but I have had to work on it quite a bit to fit
> it into the existing code properly, and to get it to pass all my tests. The
> code is therefore "alpha" and needs more testing in the field. As this is a
> snapshot, the only documentation is in the doc/NewStuff file.


I hope the readfile and home_directory patch will be included in the
next version.

> I have now equipped myself with GnuPG, and so I have signed the snapshot. I
> would like people to confirm whether I have done this correctly. You won't be
> able to trust the signature because my key has not been signed by anybody else,
> though I can offer (below) a signed letter from Ross Anderson, confirming that
> my GPG key fingerprint is as follows:


Seems correct to me (I needed to import your key from the appendend
message, you should publish it on a keyserver).

> pub  2048R/FB0F43D8 2002-10-21 Philip Hazel <ph10@???>
>      Key fingerprint = 45F6 8D54 BBE2 3FB3 039B  46E5 9766 E084 FB0F 43D8
>      uid                       Philip Hazel <ph10@???>

>
> (Ross is using PGP, so was not able to sign my key directly.)


This shouldn't be a problem, AFAIK heise (a german company) is signed
gnupg-keys with there pgp-keys too.

ciao