From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id 0ACD17F4D38 for ; Wed, 24 Feb 2021 23:02:40 +0100 (CET) Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 11OM2dWV003100; Wed, 24 Feb 2021 23:02:39 +0100 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 58C1FDD9C2; Wed, 24 Feb 2021 23:02:39 +0100 (CET) X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id JLwmcwpmO2yd; Wed, 24 Feb 2021 23:02:37 +0100 (CET) Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id A26D0DD9B3; Wed, 24 Feb 2021 23:02:37 +0100 (CET) Date: Wed, 24 Feb 2021 23:02:37 +0100 Message-ID: <87blc9qg3m.wl-jch@irif.fr> From: Juliusz Chroboczek To: Dave Taht In-Reply-To: References: <87mtvtqn5d.wl-jch@irif.fr> <9fb4bedf-0195-7515-dc54-2d225504f874@stroeder.com> <87im6hqi83.wl-jch@irif.fr> <87ft1lqhud.wl-jch@irif.fr> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/27.1 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Wed, 24 Feb 2021 23:02:39 +0100 (CET) X-Miltered: at korolev with ID 6036CCFF.001 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 6036CCFF.001 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 6036CCFF.001 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham Message-ID-Hash: IR2SZGW4OTDA6HYSPYNS7DOT654QQDGU X-Message-ID-Hash: IR2SZGW4OTDA6HYSPYNS7DOT654QQDGU X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Michael =?ISO-8859-1?Q?Str=F6der?= , galene@lists.galene.org X-Mailman-Version: 3.3.2 Precedence: list Subject: [Galene] Re: Heads up: =?iso-8859-1?q?Gal=E8ne?= generates self-signed certificates List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: > The CA authority argument has always smelt of the old key escrow argument Not in this case, I don't think so -- it's just another way for some folks to make heaps of money. > I however wouldn't mind if that there was a command within galene to > fire off the lets encrypt facility if a box is on the public internet > and has working dns. shell out to acme, I think.... There is a Go library to do that, and it wouldn't be difficult to integrate. However, that would require being able to listen on port 443, which is probably more trouble then it's worth. As to shelling out, recall that we're supposed to be portable to Windows, and Windows users are the ones most likely to be confused if the behaviour is different depending on platform. -- Juliusz