[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] nsm 02/02: Document the Network Security Manager briefly
From: |
Lars Ingebrigtsen |
Subject: |
[Emacs-diffs] nsm 02/02: Document the Network Security Manager briefly |
Date: |
Tue, 18 Nov 2014 17:51:18 +0000 |
branch: nsm
commit b02df42bf1bb015fffdec3cac2829d813813fc09
Author: Lars Magne Ingebrigtsen <address@hidden>
Date: Tue Nov 18 18:51:01 2014 +0100
Document the Network Security Manager briefly
* processes.texi (Network): Mention the Network Security Manager.
---
doc/lispref/ChangeLog | 4 ++++
doc/lispref/processes.texi | 27 +++++++++++++++++++++++++++
2 files changed, 31 insertions(+), 0 deletions(-)
diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog
index 9123194..fd9a36e 100644
--- a/doc/lispref/ChangeLog
+++ b/doc/lispref/ChangeLog
@@ -1,3 +1,7 @@
+2014-11-18 Lars Magne Ingebrigtsen <address@hidden>
+
+ * processes.texi (Network): Mention the Network Security Manager.
+
2014-11-09 Glenn Morris <address@hidden>
* Makefile.in (version): Remove variable.
diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi
index c91afdf..a47cb52 100644
--- a/doc/lispref/processes.texi
+++ b/doc/lispref/processes.texi
@@ -2040,6 +2040,12 @@ Regular expression matching a successful
@acronym{STARTTLS} negotiation.
If address@hidden, do opportunistic @acronym{STARTTLS} upgrades even if Emacs
doesn't have built-in @acronym{TLS} support.
address@hidden ::warn-unless-encrypted @var{boolean}
+If address@hidden, and @code{:return-value} is also address@hidden,
+Emacs will warn if the connection isn't encrypted. This is useful for
+protocols like @acronym{IMAP} and the like, where most users would
+expect the network traffic to be encrypted.
+
@item :client-certificate @var{list-or-t}
Either a list of the form @code{(@var{key-file} @var{cert-file})},
naming the certificate key file and certificate file itself, or
@@ -2065,6 +2071,27 @@ The connection type: @samp{plain} or @samp{tls}.
@end defun
address@hidden Network Security Manager
+After establishing the connection, the connection is then passed on to
+the Network Security Manager (@acronym{NSM}). If the connection is a
address@hidden or @acronym{STARTTLS} connection, the @acronym{NSM} will
+check whether the certificate used to establish the identity of the
+server we're connecting to can be verified. If this can't be done,
+the @acronym{NSM} will query the user whether to proceed with the
+connection.
+
+The user is given the choice of registering a permanent security
+exception, a temporary one, or whether to refuse the connection
+entirely.
+
+If the connection is unencrypted, but it was encrypted in previous
+sessions, the user will also be notified about this.
+
address@hidden nsm-security-level
+The @code{nsm-security-level} variable determines the security level.
+If this is @code{low}, no security checks are performed.
+
+
@node Network Servers
@section Network Servers
@cindex network servers