* bug#29978: wishlist: gnutls-verify-error needs a 'ask mode
@ 2018-01-04 15:21 Robert Pluim
2018-01-04 16:07 ` Andreas Schwab
0 siblings, 1 reply; 4+ messages in thread
From: Robert Pluim @ 2018-01-04 15:21 UTC (permalink / raw)
To: 29978
Verification using gnutls-verify-error is currently an either-or
proposition: if the verification fails, there's no fallback. Typical
browser implementations allow querying the user for the desired
action, emacs should allow something similar.
Bonus: allow updating gnutls-verify-error automatically based on the
user's response
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#29978: wishlist: gnutls-verify-error needs a 'ask mode
2018-01-04 15:21 bug#29978: wishlist: gnutls-verify-error needs a 'ask mode Robert Pluim
@ 2018-01-04 16:07 ` Andreas Schwab
2018-01-04 16:23 ` Robert Pluim
0 siblings, 1 reply; 4+ messages in thread
From: Andreas Schwab @ 2018-01-04 16:07 UTC (permalink / raw)
To: Robert Pluim; +Cc: 29978
On Jan 04 2018, Robert Pluim <rpluim@gmail.com> wrote:
> Verification using gnutls-verify-error is currently an either-or
> proposition: if the verification fails, there's no fallback. Typical
> browser implementations allow querying the user for the desired
> action, emacs should allow something similar.
Isn't that what NSM is about?
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#29978: wishlist: gnutls-verify-error needs a 'ask mode
2018-01-04 16:07 ` Andreas Schwab
@ 2018-01-04 16:23 ` Robert Pluim
2018-01-04 16:46 ` Robert Pluim
0 siblings, 1 reply; 4+ messages in thread
From: Robert Pluim @ 2018-01-04 16:23 UTC (permalink / raw)
To: Andreas Schwab; +Cc: 29978
Andreas Schwab <schwab@suse.de> writes:
> On Jan 04 2018, Robert Pluim <rpluim@gmail.com> wrote:
>
>> Verification using gnutls-verify-error is currently an either-or
>> proposition: if the verification fails, there's no fallback. Typical
>> browser implementations allow querying the user for the desired
>> action, emacs should allow something similar.
>
> Isn't that what NSM is about?
NSM doesn't currently come into play until gnutls.c has finished
setting up the TLS connection. Since gnutls.c is the one doing the
verification, by then it's too late.
Robert
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#29978: wishlist: gnutls-verify-error needs a 'ask mode
2018-01-04 16:23 ` Robert Pluim
@ 2018-01-04 16:46 ` Robert Pluim
0 siblings, 0 replies; 4+ messages in thread
From: Robert Pluim @ 2018-01-04 16:46 UTC (permalink / raw)
To: Andreas Schwab; +Cc: 29978-done
Robert Pluim <rpluim@gmail.com> writes:
> Andreas Schwab <schwab@suse.de> writes:
>
>> On Jan 04 2018, Robert Pluim <rpluim@gmail.com> wrote:
>>
>>> Verification using gnutls-verify-error is currently an either-or
>>> proposition: if the verification fails, there's no fallback. Typical
>>> browser implementations allow querying the user for the desired
>>> action, emacs should allow something similar.
>>
>> Isn't that what NSM is about?
>
> NSM doesn't currently come into play until gnutls.c has finished
> setting up the TLS connection. Since gnutls.c is the one doing the
> verification, by then it's too late.
Umm, nevermind. I hadn't realized nsm already implemented these
checks. Closing.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-01-04 16:46 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-04 15:21 bug#29978: wishlist: gnutls-verify-error needs a 'ask mode Robert Pluim
2018-01-04 16:07 ` Andreas Schwab
2018-01-04 16:23 ` Robert Pluim
2018-01-04 16:46 ` Robert Pluim
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).