GNU bug report logs -
#21238
ELPA not available over TLS
Previous Next
Reported by: Glyph <glyph <at> twistedmatrix.com>
Date: Tue, 11 Aug 2015 23:40:03 UTC
Severity: wishlist
Tags: notabug
Done: Glenn Morris <rgm <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
> On Aug 11, 2015, at 7:25 PM, Stefan Monnier <monnier <at> iro.umontreal.ca> wrote:
>
>> Even if packages were signed and I could verify all of them, I still don't
>> think it's the NSA's business which packages I've requested from ELPA.
>> It would be nice if ELPA were available over TLS to provide both an
>> additional level of security,
>
> AFAIK you can already use "https://..." addresses. This should work for
> the GNU ELPA server, at least.
Okay, I was sure I'd hit https://elpa.gnu.org and it was a connection error before I posted this bug. I just did again and it worked, so... I must have been in error.
>> and to provide an interim solution while we are waiting for
>> package signing.
>
> All GNU ELPA packages are signed and Emacs-24.5 does check them if you
> have GPG installed.
Thanks also for this bit of information. It should probably require that GPG be installed if package.el is to be used then, but that is a separate issue.
Sorry for the bogus report!
[Message part 2 (text/html, inline)]
This bug report was last modified 9 years and 290 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.