emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Deprecate TLS1.0 support in emacs

From: Lars Ingebrigtsen
Subject: Re: Deprecate TLS1.0 support in emacs
Date: Thu, 03 Aug 2017 13:48:20 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) 
Stefan Monnier <address@hidden> writes:

>> Yes, I agree.  eww, for instance, could remove the green URL when using
>> TLS 1.0, etc.  But the proposed NSM warning (which would make the user
>> answer "y" to a direct question about the TLS-ness) is too heavy, in my
>> opinion.
>
> Could we replace the prompt with a simple message (and if the message
> gets overwritten too soon, maybe adding a short delay)?

Hm...  that sounds like a nice compromise.  However, there might be a
lot of these messages if, for instance, the user visits a web page where
all the images are being served over a TLS connection we're warning
about.

Or perhaps warnings in those instances should be inhibited?

Anyway, the NSM layer could be easily extended to add certain
notifications to each security level.  So you'd get something like

"Connection to fsf.org:443 is less secure because of an old TLS version"

or along those lines flashing in the minibuffer...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
reply via email to
[Prev in Thread] Current Thread [Next in Thread]