Re: GnuTLS for W32

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GnuTLS for W32

From:	Juanma Barranquero
Subject:	Re: GnuTLS for W32
Date:	Mon, 2 Jan 2012 03:57:44 +0100

> Do we implement security only when many users are at risk?

Irrelevant. We've implemented security, we're talking about defaults.
And that's what cost-benefit analysis is for. The answer could well be
yes, if the alternative to "many" is "almost no-one".

> Including the GnuTLS binary with the official binary packages shouldn't
> be too costly, if we consider how rare Emacs releases are.

The moment a serious bug is detected in GnuTLS, you have to issue
updated packages and get the word out. It's not as easy as you put it.

> As for the
> other option, GnuTLS support could be prominently advertised, not just
> listed as another item on NEWS.

Agreed.

> Shrugh. Security-wise, this way of thinking is responsible for lots of
> disasters.

For some definition of "lots", sure.

> I wouldn't detect if someone were eavesdropping my network
> communications, nor would you.

Considering that I'm in a very small, non-WiFi network behind a rather
paranoid firewall, trust me: if someone is eavesdropping my network,
Emacs is the lesser of my troubles.

    Juanma

[Prev in Thread]

Current Thread

[Next in Thread]

Re: gnutls for win32, (continued)

Prev by Date: Re: GnuTLS for W32
Next by Date: Re: GnuTLS for W32
Previous by thread: Re: GnuTLS for W32
Next by thread: Re: GnuTLS for W32
Index(es):
- Date
- Thread