From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Michael Albinus Newsgroups: gmane.emacs.devel Subject: Re: NSM certificate prompt Date: Sat, 13 Dec 2014 20:16:30 +0100 Message-ID: <87egs3e4xd.fsf@gmx.de> References: <83a92r625n.fsf@gnu.org> <87wq5vefiz.fsf@gmx.de> <87r3w3ebds.fsf@gmx.de> <83wq5v4eb8.fsf@gnu.org> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1418498228 9164 80.91.229.3 (13 Dec 2014 19:17:08 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sat, 13 Dec 2014 19:17:08 +0000 (UTC) Cc: Eli Zaretskii , emacs-devel@gnu.org To: Lars Magne Ingebrigtsen Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Dec 13 20:17:01 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XzsBX-00040m-Ta for ged-emacs-devel@m.gmane.org; Sat, 13 Dec 2014 20:17:00 +0100 Original-Received: from localhost ([::1]:34078 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzsBX-0006Y8-Em for ged-emacs-devel@m.gmane.org; Sat, 13 Dec 2014 14:16:59 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:58157) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzsBP-0006Xs-6j for emacs-devel@gnu.org; Sat, 13 Dec 2014 14:16:57 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XzsBF-0008Ab-P1 for emacs-devel@gnu.org; Sat, 13 Dec 2014 14:16:51 -0500 Original-Received: from mout.gmx.net ([212.227.17.22]:53154) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XzsBF-00089j-F6; Sat, 13 Dec 2014 14:16:41 -0500 Original-Received: from detlef.gmx.de ([79.195.17.88]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MKKaI-1XzKTu3hd0-001ijd; Sat, 13 Dec 2014 20:16:33 +0100 In-Reply-To: (Lars Magne Ingebrigtsen's message of "Sat, 13 Dec 2014 19:06:34 +0100") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) X-Provags-ID: V03:K0:dlZnW+44eO71HYJtPfU4op5SYEiDQ/+Dzgcs5Ism+VeN9Uxm9HQ JAIEUtycv0x6SUdI0/o6HTi6PRHN4bn0aN2+3WPEhlvsBehKvpGpCQNLFFen0jahKuBW1+I wMEuw2Z9vS7ncXEV/Y4JX0Z6+fU93MPDb88nbPGiQ/ObI4mYCvZ4tpqZHPVq8okbUxdcObX TRaWKV70Oo2dpxUWhx/HA== X-UI-Out-Filterresults: notjunk:1; X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] X-Received-From: 212.227.17.22 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:180032 Archived-At: Lars Magne Ingebrigtsen writes: > Eli Zaretskii writes: > >> A middle ground would be to offer to perform an update of the >> certificates when validation fails. > > Yes, that would be nice. We'd have to have a secure way to retrieve > those certificates, though. Perhaps we could use GNU ELPA for this? > Wasn't there some work done on signing packages? That's not the crucial point. A root certificate could be compromised, and with this compromised root certificate a validation might still succeed when it shouldn't. ELPA does not has the means to urge a package update of the hypothetical ca-certificates package, when a new version appears. And who from the core Emacs team will feel responsible to produce a new version of that package when necessary? This must happen short-term, which means a small security team of Emacs must observe relevant mailing list and alike, and must react in time. I don't believe this belongs to Emacs' core functionality. It might be better to investigate first, whether there exist already an infrastructure on the different supported systems we could use. Like the Debian package I've mentioned already. Best regards, Michael.