Re: Network security manager

[Lars Magne Ingebrigtsen]

Ted Zlatanov <address@hidden> writes:

> LMI> 1) Drop certificate checking for images in shr.  I mean, do we care?
>
> I think we care.

What are the security implications of inserting an image from a source
we can't validate?  99% of the images aren't over TLS, anyway, and
aren't validated...

> LMI> 2) If being run from the async context (how do we check for that?),
> LMI> refuse to handle insecure TLS connections silently.
>
> Works for me, as long as the errors are reviewable in the NSM.  I should
> be able to go somewhere and hit a button "allow this cert from now on".

shr should really insert "broken image" markers into the buffers (and
"loading images"), and then the user could just hit RET on one of the
broken images and then get queried about the certificate
interactively...

Which reminds me: We need a way to determine that Emacs is running
non-interactively as well as being run from an async context.  What's
the way to do that?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no