From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Stephen J. Turnbull" Newsgroups: gmane.emacs.devel Subject: Re: Additional network security Date: Mon, 08 Dec 2014 10:44:03 +0900 Message-ID: <87bnnekja4.fsf@uwakimon.sk.tsukuba.ac.jp> References: <87lhmkja3h.fsf@uwakimon.sk.tsukuba.ac.jp> <871tobmndd.fsf@lifelogs.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 X-Trace: ger.gmane.org 1418003075 6925 80.91.229.3 (8 Dec 2014 01:44:35 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 8 Dec 2014 01:44:35 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Dec 08 02:44:28 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XxnNE-0000Bl-9L for ged-emacs-devel@m.gmane.org; Mon, 08 Dec 2014 02:44:28 +0100 Original-Received: from localhost ([::1]:59762 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XxnND-0002bQ-GK for ged-emacs-devel@m.gmane.org; Sun, 07 Dec 2014 20:44:27 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:48373) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XxnN4-0002bC-LY for emacs-devel@gnu.org; Sun, 07 Dec 2014 20:44:24 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XxnMy-0001EZ-NS for emacs-devel@gnu.org; Sun, 07 Dec 2014 20:44:18 -0500 Original-Received: from shako.sk.tsukuba.ac.jp ([130.158.97.161]:37169) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XxnMy-0001Dd-E5 for emacs-devel@gnu.org; Sun, 07 Dec 2014 20:44:12 -0500 Original-Received: from uwakimon.sk.tsukuba.ac.jp (uwakimon.sk.tsukuba.ac.jp [130.158.99.156]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by shako.sk.tsukuba.ac.jp (Postfix) with ESMTPS id 090DF1C38D4 for ; Mon, 8 Dec 2014 10:44:04 +0900 (JST) Original-Received: by uwakimon.sk.tsukuba.ac.jp (Postfix, from userid 1000) id DFDD91A2CFC; Mon, 8 Dec 2014 10:44:03 +0900 (JST) In-Reply-To: <871tobmndd.fsf@lifelogs.com> X-Mailer: VM undefined under 21.5 (beta34) "kale" acf1c26e3019 XEmacs Lucid (x86_64-unknown-linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 130.158.97.161 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:179345 Archived-At: Ted Zlatanov writes: > On Sun, 07 Dec 2014 14:35:30 +0900 "Stephen J. Turnbull" wrote: > > SJT> Stefan Monnier writes: > >> > GnuTLS doesn't really set policy here; that's up to the application. > >> > >> Damn! > > SJT> Welcome to the wild world of security. Can't if you do, damned if you > SJT> don't. > > Fortunately, it's not up to the application either. The user can choose > their policy: That's merely an even more virulent version of the problem that bothers Stefan: folks who are not security specialists are making this very complex decisions. I don't think there's anything that can be done about it; it's just hard.