Re: A couple of questions and concerns about Emacs network security

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From:	Lars Ingebrigtsen
Subject:	Re: A couple of questions and concerns about Emacs network security
Date:	Sun, 24 Jun 2018 18:57:38 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Eli Zaretskii <address@hidden> writes:

> When the changes are pushed to master, we could look at them and
> consider whether they (or some of their parts) are safe enough for
> emacs-26.

Yup.

I'm going through the current recommendations for TLS security, and most
of them are straightforward and require just some added NSM checks.
However, the check for intermediary sha1 certificates checks requires a
C-level change: gnutls.c doesn't expose to Lisp the certificate chain,
so I'll have to add that, too.

It's not a complicated addition, but it's C level, so you'll have to
decide whether something that has the potential for crashing Emacs is
worth the risk for Emacs 26.2.  But I guess we'll see once I've
implemented this (hopefully next week).

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

[Prev in Thread]

Current Thread

[Next in Thread]

Re: A couple of questions and concerns about Emacs network security, (continued)

Prev by Date: RE: info URL « open at point » patch
Next by Date: Re: info URL « open at point » patch
Previous by thread: Re: A couple of questions and concerns about Emacs network security
Next by thread: Re: A couple of questions and concerns about Emacs network security
Index(es):
- Date
- Thread