[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#16978: 24.3; SSL/TLS with multiple man-in-the-middle vulnerabilities
From: |
Jens Lechtenboerger |
Subject: |
bug#16978: 24.3; SSL/TLS with multiple man-in-the-middle vulnerabilities |
Date: |
Fri, 21 Mar 2014 21:49:03 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) |
On Thu, 20 Mar 2014 09:43:50 -0400, Ted Zlatanov <tzz@lifelogs.com> said:
TZ> For storage of the certificates, I think
TZ> ~/.emacs.d/certs/hostname.somextension is the right place. I
TZ> asked this on gnutls-devel a while ago so we can revisit the
TZ> discussion when we have the UI worked out.
Hi Ted,
GnuTLS uses the file ~/.gnutls/known_hosts. I did not look into
this, but why do want to duplicate that functionality in Emacs?
JL> P.S. Self-signed certs are unusable now [...]
TZ> Hmm. That seems a Gnus bug :) Can you submit it separately, to
TZ> keep the books clean, after testing with the latest Gnus?
Done: http://debbugs.gnu.org/17061
JL> P.P.S. I’m using imap.el, which knows of various ways to
JL> establish SSL/TLS connections, but gnutls.el is not among them.
TZ> I think you're on an old Gnus then, which is strange considering
TZ> you're testing with a recent Emacs. What's `M-x gnus-version'?
v5.13 and Ma Gnus v0.10. I’m using imap among `mail-sources' via
imap.el, not nnimap. (The latter is on my todo list.)
Best wishes
Jens