GNU bug report logs - #21238
ELPA not available over TLS

Previous Next

Package: emacs;

Reported by: Glyph <glyph <at> twistedmatrix.com>

Date: Tue, 11 Aug 2015 23:40:03 UTC

Severity: wishlist

Tags: notabug

Done: Glenn Morris <rgm <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 21238 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Monnier <monnier <at> IRO.UMontreal.CA>
To: Glyph <glyph <at> twistedmatrix.com>
Cc: 21238 <at> debbugs.gnu.org
Subject: Re: bug#21238: ELPA not available over TLS
Date: Tue, 11 Aug 2015 22:25:07 -0400

> Even if packages were signed and I could verify all of them, I still don't
> think it's the NSA's business which packages I've requested from ELPA.
> It would be nice if ELPA were available over TLS to provide both an
> additional level of security,

AFAIK you can already use "https://..." addresses.  This should work for
the GNU ELPA server, at least.

> and to provide an interim solution while we are waiting for
> package signing.

All GNU ELPA packages are signed and Emacs-24.5 does check them if you
have GPG installed.


        Stefan
This bug report was last modified 9 years and 290 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.