[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violatio
From: |
Ted Zlatanov |
Subject: |
bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been detected. |
Date: |
Thu, 26 Jan 2012 09:40:22 -0600 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.92 (gnu/linux) |
On Wed, 25 Jan 2012 23:35:35 +0100 Lars Ingebrigtsen <larsi@gnus.org> wrote:
>> Either way it seems that `gnutls-algorithm-priority' will have to be one
>> of those string-or-alist-or-function variables, so you can disable
>> security altogether for specific hosts that need it. I can add that
>> support if you think it's reasonable.
LI> I think the nice way to handle this would be to prompt the user here.
LI> With something like "The server provides buggy dhe-rsa credentials;
LI> connect anyway?" or something, which would result in "-dhe-rsa" being
LI> added to the variable.
LI> But as you point out, it should be on a per-host basis, probably...
OK, so by default it's a string and it works OK for most people.
When we get the key exception Roland had, we ask the user and then
convert `gnutls-algorithm-priority' to
'((t old-value) (current-host "normal:-dhe-rsa")) or we create a new
entry if it's already an alist.
We also support a function, which gets the hostname as a parameter and
returns a string.
Cool?
Ted