bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough).

[Ted Zlatanov]

On Thu, 19 Apr 2012 11:41:40 -0500 "Roland Winkler" <winkler@gnu.org> wrote: 

RW> On Thu Apr 19 2012 Lars Magne Ingebrigtsen wrote:
>> Glenn Morris <rgm@gnu.org> writes:
>> > I also wonder how it can be safer to fall back to no encryption at all,
>> > rather than using weak encryption (if that is indeed what is happening).
>> > Maybe it's to prevent a false sense of security, or something.
>> 
>> Are you sure that it's falling back to no encryption?  If it really does
>> that, then that's pretty crappy behaviour, in my opinion.

RW> If the error message was more verbose, say by mentioning the
RW> fallback the code uses, this could help nonexpert users like us to
RW> understand the situation.

The error is coming straight from GnuTLS.  We can probably add a
Emacs-specific clarification to it, mentioning `gnutls-min-prime-bits'.
Would that be more helpful?  Or should I add a FAQ section to
emacs-gnutls.texi?

Usually this means the server should increase the size of the prime,
e.g. here are similar reports for msmtp and Sendmail:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461802
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440344

Dropping down to fewer bits in the DH prime is AFAIK not a serious
concern: you're not exposing your communications, only making the
exchange of the secret key slightly less secure.  So you're slightly
more vulnerable to a man-in-the-middle attack, but the connection itself
will be encrypted.  You can only turn off encryption by changing the
priority string.

ted