From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.bugs Subject: bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been detected. Date: Wed, 25 Jan 2012 14:29:14 -0600 Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos Message-ID: <87fwf3frvp.fsf@lifelogs.com> References: <87ei22yzz3.fsf@niu.edu> <19990.21514.711483.515100@gargle.gargle.HOWL> <19995.450.645561.299970@gargle.gargle.HOWL> <19995.2276.68599.608421@gargle.gargle.HOWL> <19995.3751.825437.128524@gargle.gargle.HOWL> <19995.6586.299315.729607@gargle.gargle.HOWL> <19997.45936.636066.132554@gargle.gargle.HOWL> <19997.49819.733446.452844@gargle.gargle.HOWL> <87hb6n7ars.fsf@lifelogs.com> <20002.11953.120421.334092@gargle.gargle.HOWL> <20002.54164.83168.584630@gargle.gargle.HOWL> <20003.40556.788680.652938@gargle.gargle.HOWL> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1327519853 4161 80.91.229.12 (25 Jan 2012 19:30:53 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Wed, 25 Jan 2012 19:30:53 +0000 (UTC) Cc: 9017@debbugs.gnu.org, Lars Magne Ingebrigtsen To: Roland Winkler Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Wed Jan 25 20:30:47 2012 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Rq8YO-0002Ey-TH for geb-bug-gnu-emacs@m.gmane.org; Wed, 25 Jan 2012 20:30:45 +0100 Original-Received: from localhost ([::1]:46366 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Rq8YO-0001dE-6H for geb-bug-gnu-emacs@m.gmane.org; Wed, 25 Jan 2012 14:30:44 -0500 Original-Received: from eggs.gnu.org ([140.186.70.92]:46134) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Rq8YH-0001d1-ML for bug-gnu-emacs@gnu.org; Wed, 25 Jan 2012 14:30:41 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Rq8YG-0004EJ-97 for bug-gnu-emacs@gnu.org; Wed, 25 Jan 2012 14:30:37 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:38453) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Rq8YG-0004EF-63 for bug-gnu-emacs@gnu.org; Wed, 25 Jan 2012 14:30:36 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72) (envelope-from ) id 1Rq8Yf-0004Qu-Kt for bug-gnu-emacs@gnu.org; Wed, 25 Jan 2012 14:31:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Ted Zlatanov Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 25 Jan 2012 19:31:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 9017 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 9017-submit@debbugs.gnu.org id=B9017.132751982016988 (code B ref 9017); Wed, 25 Jan 2012 19:31:01 +0000 Original-Received: (at 9017) by debbugs.gnu.org; 25 Jan 2012 19:30:20 +0000 Original-Received: from localhost ([127.0.0.1]:43840 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Rq8Y0-0004Px-27 for submit@debbugs.gnu.org; Wed, 25 Jan 2012 14:30:20 -0500 Original-Received: from cer-mailmxol2.jumptrading.com ([208.78.214.25]:19022) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1Rq8Xx-0004Pi-QE for 9017@debbugs.gnu.org; Wed, 25 Jan 2012 14:30:18 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ap0EAGMjIE/AqF0N/2dsb2JhbABDr0OBcgEBBXkQCw0UGgsPAQRJDgXAKIkrAgEKAiIFg3gGgzUEiD+SWIx3 Original-Received: from unknown (HELO chiexchange02.w2k.jumptrading.com) ([192.168.93.13]) by cer-mailmxol2.jumptrading.com with ESMTP; 25 Jan 2012 19:31:10 +0000 Original-Received: from internalsmtp.w2k.jumptrading.com (10.2.4.29) by chiexchange02.w2k.jumptrading.com (10.2.4.71) with Microsoft SMTP Server id 8.2.176.0; Wed, 25 Jan 2012 13:29:44 -0600 Original-Received: from tzlatanov-ubuntu-desktop.jumptrading.com ([10.2.27.110]) by internalsmtp.w2k.jumptrading.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 25 Jan 2012 13:29:44 -0600 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes In-Reply-To: <20003.40556.788680.652938@gargle.gargle.HOWL> (Roland Winkler's message of "Sun, 17 Jul 2011 21:46:04 -0500") User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.92 (gnu/linux) X-OriginalArrivalTime: 25 Jan 2012 19:29:44.0400 (UTC) FILETIME=[B10F0D00:01CCDB97] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:56000 Archived-At: On Sun, 17 Jul 2011 21:46:04 -0500 "Roland Winkler" wrote: RW> From the perspective of a user who doesn't know much about smtp, I RW> agree with Stefan's previous message suggesting that it would be RW> nice to get rid of the need to have customizations such as RW> (setq gnutls-algorithm-priority "normal:-dhe-rsa") RW> But from my perspective this may go on the wishlist. I think we're saying that if the priority string generates this error: gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been detected. we should at least tell the user "hey, maybe (setq gnutls-algorithm-priority "normal:-dhe-rsa" would work for you. Do you want to try it?" I don't think it should be tried automatically. That's convenient but insecure. The priority string above basically disables security. If you agree about the prompting or have a better suggestion we can unarchive this bug. Ted