Re: Bug#766395: emacs/gnus: Uses s

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.

From:	Ted Zlatanov
Subject:	Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Date:	Sat, 25 Oct 2014 11:27:19 -0400
User-agent:	Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)

On Fri, 24 Oct 2014 23:33:01 +0200 Lars Magne Ingebrigtsen <address@hidden> 
wrote: 

LMI> The super-alarmist "don't allow the user to do what she obviously wants
LMI> to do" just makes the user to disable all security.

Yes, I'm very concerned that we will turn on GnuTLS verification and
make the priority string more strict, and users will conclude Emacs is
broken.  Then we'll see the advice "oh just go back to s_client and
you'll be fine."

I really need to know if GnuTLS can interact with Emacs Lisp during the
negotiation phases through C callbacks, because if it can, we'll be able
to catch and remedy these situations.  We discussed that earlier when
Toke submitted the TOFU patch and I'd appreciate some help.

Thanks
Ted

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Bug#766395: emacs/gnus: Uses s_client to for SSL., (continued)

Prev by Date: Re: building emacs-dynamic-modules on Windows Msys64 mingw32
Next by Date: removing SSLv3 support by default from the Emacs GnuTLS integration (was: Bug#766395: emacs/gnus: Uses s_client to for SSL.)
Previous by thread: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Next by thread: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Index(es):
- Date
- Thread