From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#19404: 25.0.50; Gnus shows self-signed certificate warning when connecting to Gmane Date: Thu, 18 Dec 2014 19:56:52 +0200 Message-ID: <83r3vwu9i3.fsf@gnu.org> References: <86ppbhrx9a.fsf@yandex.ru> <838ui5uf27.fsf@gnu.org> <83vbl8uau2.fsf@gnu.org> Reply-To: Eli Zaretskii NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1418925505 600 80.91.229.3 (18 Dec 2014 17:58:25 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 18 Dec 2014 17:58:25 +0000 (UTC) Cc: 19404@debbugs.gnu.org, dgutov@yandex.ru To: Lars Magne Ingebrigtsen Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Dec 18 18:58:17 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Y1fL7-0002u4-0U for geb-bug-gnu-emacs@m.gmane.org; Thu, 18 Dec 2014 18:58:17 +0100 Original-Received: from localhost ([::1]:55158 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1fL6-0008B5-I9 for geb-bug-gnu-emacs@m.gmane.org; Thu, 18 Dec 2014 12:58:16 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:53364) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1fKy-0008Aj-AG for bug-gnu-emacs@gnu.org; Thu, 18 Dec 2014 12:58:13 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Y1fKs-0000b9-QK for bug-gnu-emacs@gnu.org; Thu, 18 Dec 2014 12:58:08 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:41112) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1fKs-0000b1-MK for bug-gnu-emacs@gnu.org; Thu, 18 Dec 2014 12:58:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1Y1fKs-0005sU-A7 for bug-gnu-emacs@gnu.org; Thu, 18 Dec 2014 12:58:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 18 Dec 2014 17:58:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19404 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 19404-submit@debbugs.gnu.org id=B19404.141892542822526 (code B ref 19404); Thu, 18 Dec 2014 17:58:02 +0000 Original-Received: (at 19404) by debbugs.gnu.org; 18 Dec 2014 17:57:08 +0000 Original-Received: from localhost ([127.0.0.1]:50478 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Y1fJw-0005rB-KV for submit@debbugs.gnu.org; Thu, 18 Dec 2014 12:57:08 -0500 Original-Received: from mtaout23.012.net.il ([80.179.55.175]:55073) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Y1fJq-0005qb-WC for 19404@debbugs.gnu.org; Thu, 18 Dec 2014 12:57:02 -0500 Original-Received: from conversion-daemon.a-mtaout23.012.net.il by a-mtaout23.012.net.il (HyperSendmail v2007.08) id <0NGS00800HRQN600@a-mtaout23.012.net.il> for 19404@debbugs.gnu.org; Thu, 18 Dec 2014 19:56:57 +0200 (IST) Original-Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout23.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0NGS008F3HUXLZ20@a-mtaout23.012.net.il>; Thu, 18 Dec 2014 19:56:57 +0200 (IST) In-reply-to: X-012-Sender: halo1@inter.net.il X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:97538 Archived-At: > From: Lars Magne Ingebrigtsen > Cc: dgutov@yandex.ru, 19404@debbugs.gnu.org > Date: Thu, 18 Dec 2014 18:53:07 +0100 > > Eli Zaretskii writes: > > > OK, let me rephrase: How can a user, a mere mortal, like myself or > > Dmitry, tell that this certificate is OK, while the one I was > > presented in my problem is not? > > That's not generally possible. Too bad. > Unfortunately there's no difference between a certificate signed by > a CA that you don't happen to have in your CA bundle, and a > self-signed certificate. Unless I've misunderstood something. > > I think that's one of many unfortunate design choices made when the > certificate system was set up. > > So the "(self-signed)" string we have in our warnings should perhaps be > changed to "(possibly self-signed)". Is this text returned by GnuTLS, or do we produce it in Emacs? If the latter, can _we_ somehow distinguish between the two cases and add some text to that effect?