[Emacs-diffs] /srv/bzr/emacs/emacs-24 r107999: * net/gnutls.el (gnutls-min-prime-bits): Improve docstring.

[Chong Yidong]

------------------------------------------------------------
revno: 107999
committer: Chong Yidong <address@hidden>
branch nick: emacs-24
timestamp: Wed 2012-05-16 10:49:19 +0800
message:
  * net/gnutls.el (gnutls-min-prime-bits): Improve docstring.
modified:
  lisp/ChangeLog
  lisp/net/gnutls.el

=== modified file 'lisp/ChangeLog'
--- a/lisp/ChangeLog    2012-05-15 15:43:06 +0000
+++ b/lisp/ChangeLog    2012-05-16 02:49:19 +0000
@@ -1,3 +1,7 @@
+2012-05-16  Chong Yidong  <address@hidden>
+
+       * net/gnutls.el (gnutls-min-prime-bits): Improve docstring.
+
 2012-05-15  Chong Yidong  <address@hidden>
 
        * help.el (describe-mode): Doc fix.

=== modified file 'lisp/net/gnutls.el'
--- a/lisp/net/gnutls.el        2012-05-15 15:16:13 +0000
+++ b/lisp/net/gnutls.el        2012-05-16 02:49:19 +0000
@@ -67,9 +67,13 @@
 
 ;;;###autoload
 (defcustom gnutls-min-prime-bits 256
-  "Minimum number of bits to be used in Diffie-Hellman key exchange.
-During a client-server handshake, if the server sends a prime
-with fewer than this number of bits, the handshake will fail.
+  ;; Several mail servers send fewer bits than the GnuTLS default.
+  ;; Currently, 256 appears to be a reasonable choice (Bug#11267).
+  "Minimum number of prime bits accepted by GnuTLS for key exchange.
+During a Diffie-Hellman handshake, if the server sends a prime
+number with fewer than this number of bits, the handshake is
+rejected.  \(The smaller the prime number, the less secure the
+key exchange is against man-in-the-middle attacks.)
 
 A value of nil says to use the default GnuTLS value."
   :type '(choice (const :tag "Use default value" nil)