--- Begin Message ---
Subject: |
wishlist: gnutls-verify-error needs a 'ask mode |
Date: |
Thu, 04 Jan 2018 16:21:21 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux) |
Verification using gnutls-verify-error is currently an either-or
proposition: if the verification fails, there's no fallback. Typical
browser implementations allow querying the user for the desired
action, emacs should allow something similar.
Bonus: allow updating gnutls-verify-error automatically based on the
user's response
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#29978: wishlist: gnutls-verify-error needs a 'ask mode |
Date: |
Thu, 04 Jan 2018 17:46:36 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux) |
Robert Pluim <address@hidden> writes:
> Andreas Schwab <address@hidden> writes:
>
>> On Jan 04 2018, Robert Pluim <address@hidden> wrote:
>>
>>> Verification using gnutls-verify-error is currently an either-or
>>> proposition: if the verification fails, there's no fallback. Typical
>>> browser implementations allow querying the user for the desired
>>> action, emacs should allow something similar.
>>
>> Isn't that what NSM is about?
>
> NSM doesn't currently come into play until gnutls.c has finished
> setting up the TLS connection. Since gnutls.c is the one doing the
> verification, by then it's too late.
Umm, nevermind. I hadn't realized nsm already implemented these
checks. Closing.
--- End Message ---