[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.
From: |
Eli Zaretskii |
Subject: |
Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking. |
Date: |
Wed, 08 Oct 2014 17:01:21 +0300 |
> From: Lars Magne Ingebrigtsen <address@hidden>
> Cc: address@hidden, address@hidden, address@hidden
> Date: Wed, 08 Oct 2014 15:47:33 +0200
>
> Eli Zaretskii <address@hidden> writes:
>
> > What happens if some stuff comes out of the stream that failed to be
> > validated, while Emacs negotiates with the user about what to do?
> > Normally, we would pass this stuff to whatever sentinel was defined,
> > or insert it into a buffer. Is that what you want?
>
> Does that really happen that early in the connection process? I thought
> sentinels and buffers were attached at a point later, so that
> `open-network-stream' would have a chance of inspecting the stream
> first.
It won't happen before open-network-stream returns, or close to its
end, but then I don't quite understand where do you want to insert the
validation stuff. Did you intend to do that inside
open-network-stream? If so, it will suddenly start talking to the
user, something that applications might not be ready for.
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., (continued)
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Eli Zaretskii, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Eli Zaretskii, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Eli Zaretskii, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Eli Zaretskii, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Toke Høiland-Jørgensen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.,
Eli Zaretskii <=
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Eli Zaretskii, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Ted Zlatanov, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Lars Magne Ingebrigtsen, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Ted Zlatanov, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Stephen J. Turnbull, 2014/10/08
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Ted Zlatanov, 2014/10/09
- Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Toke Høiland-Jørgensen, 2014/10/08
Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking., Ted Zlatanov, 2014/10/08