From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Lars Magne Ingebrigtsen Newsgroups: gmane.emacs.bugs Subject: bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate Date: Thu, 20 Mar 2014 15:58:02 +0100 Message-ID: References: <86bny5r5lj.fsf@dod.no> <87ob24ctq3.fsf@lifelogs.com> <874n2t3ozq.fsf@lifelogs.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1395327552 18016 80.91.229.3 (20 Mar 2014 14:59:12 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 20 Mar 2014 14:59:12 +0000 (UTC) Cc: 16784@debbugs.gnu.org To: sb@dod.no Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Thu Mar 20 15:59:21 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1WQeRA-0005TL-La for geb-bug-gnu-emacs@m.gmane.org; Thu, 20 Mar 2014 15:59:16 +0100 Original-Received: from localhost ([::1]:47459 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WQeRA-0004OH-Bg for geb-bug-gnu-emacs@m.gmane.org; Thu, 20 Mar 2014 10:59:16 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:49658) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WQeR1-0004OC-Tq for bug-gnu-emacs@gnu.org; Thu, 20 Mar 2014 10:59:13 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WQeQw-0000PC-KE for bug-gnu-emacs@gnu.org; Thu, 20 Mar 2014 10:59:07 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:41229) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WQeQw-0000Ou-GD for bug-gnu-emacs@gnu.org; Thu, 20 Mar 2014 10:59:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1WQeQw-0008OQ-9B; Thu, 20 Mar 2014 10:59:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Lars Magne Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org, bugs@gnus.org Resent-Date: Thu, 20 Mar 2014 14:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 16784 X-GNU-PR-Package: emacs,gnus X-GNU-PR-Keywords: Original-Received: via spool by 16784-submit@debbugs.gnu.org id=B16784.139532750732209 (code B ref 16784); Thu, 20 Mar 2014 14:59:02 +0000 Original-Received: (at 16784) by debbugs.gnu.org; 20 Mar 2014 14:58:27 +0000 Original-Received: from localhost ([127.0.0.1]:42410 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WQeQM-0008NR-Fy for submit@debbugs.gnu.org; Thu, 20 Mar 2014 10:58:26 -0400 Original-Received: from hermes.netfonds.no ([80.91.224.195]:58695) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WQeQK-0008NG-5j for 16784@debbugs.gnu.org; Thu, 20 Mar 2014 10:58:24 -0400 Original-Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58] helo=stories.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1WQePz-00033a-OL; Thu, 20 Mar 2014 15:58:03 +0100 Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAFVBMVEU6KSMZDAnFurScjojx 6+hoWFH+/v1jfVVQAAACd0lEQVQ4jXWUwZKjIBCGG5U9y2a8ZxvN2ajkPIXoGWXY85bJ8P6PsA1k puYSkiqt/6O7/8ZWCC8WvAT30ameexACYNLe+TGt9QswIVi5hsX7SOQTWAL1NFfTgQmoFEG3lltW GDM31nLw7pnKc2uBwBruJ0sZRfkTAKtWowrfExBO/QTNas4wLHUNolHqGzDRmPkdwPLTOYb4DGIX k9EMiJwkbcoAbOxiUIpapJTGXEUCZGkTNf2EoAKsNHpknMAnAUrkWAZcDShZkyOYqNduEfG0gI/O 0G0EpItJY7tRBPmWMP0hEOCTHO1GyQiKDvaD79YLnkAVHpLtV1FXWIaDez6whgAjoDfhZraP+nIg PRt3rQkIUd3J18ekYDcoPUWcWQLNvlB97s+T7uj8uS06EQFUYx+diQ8JcXlotzrWcJXaEmiizL0t 7myLoCoXxiIQddzv7WWuUx/NhsCoGfYExeNMBbPdjgGjf85007b2GXjTJzVnMrNtXALs923JMgVQ JrVx5zLA41v3l5nixjH2AWAefc7j3R7eIQ4WzS495yosSaYpHIJK05sA8PVIOgnDoyzlOAw5An7p qKu01fkdMyDvbw+fxx9l8DMgIgGysjVGUUVJggz91BcJUA52NV3cnoB33ekLNH9W+QQYuNzZkIF7 625z1o0OBY7nQhNwThWy0qQPaFo0u8ahxAT6UjmMnmQrUbp5RvUR4BhdT47aWESSLzloAi6B6zwO f6UcYgnsUFMtt8Ix4JWUUWsTl/7XrnRpCSBupjVSt8as5rgtlxA0mmw36FFRXcqk8EwZMb6cn/Tq GyN5O7uRTCAdJ30RYH39kXkF/gM+J+kc0PYFjwAAAABJRU5ErkJggg== X-Now-Playing: Various's _Nature Mortes - Still Lives_: "Dif Juz - Re" X-Hashcash: 1:23:140320:sb@dod.no::O5Nb6PVt4uE3LoqB:000000009LgT X-Hashcash: 1:23:140320:16784@debbugs.gnu.org::Bw3xkR8IguyMSDPd:0000000000000000000000000000000000000000Pf/1 In-Reply-To: <874n2t3ozq.fsf@lifelogs.com> (Ted Zlatanov's message of "Thu, 20 Mar 2014 10:48:25 -0400") User-Agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) X-MailScanner-ID: 1WQePz-00033a-OL MailScanner-NULL-Check: 1395932284.04031@79Nqw206uwiHXvxf2ON5yw X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:87026 Archived-At: Ted Zlatanov writes: > SB> I would like one of the following solutions: > SB> 1. The possibility to switch off the attempted upgrade to STARTTLS for > SB> NNTP connections > > I think Lars has to give an opinion here. I think we should always do encryption, even though we can't do validation. > So basically customize that variable and add :trustfiles and :hostname > for the respective verifications, or nil to disable them. When doing opportunistic upgrades (where the user hasn't asked for the connection to be encrypted), bothering the user with warnings about not being able to establish the identity of the server doesn't make much sense. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no