From: Toke Høiland-Jørgensen
Newsgroups: gmane.emacs.devel
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 23:09:38 +0100
Message-ID: <87h9xw5ffh.fsf@alrua-karlstad.karlstad.toke.dk>
References: <85a93pj1n5.fsf@stephe-leake.org> <87sihg7r73.fsf@alrua-karlstad.karlstad.toke.dk> <87a93oilxl.fsf@lifelogs.com> <87oas4h555.fsf@lifelogs.com> <8761ech0zm.fsf@lifelogs.com>
To: Lars Magne Ingebrigtsen
Cc: emacs-devel@gnu.org
In-Reply-To: (Lars Magne Ingebrigtsen's message of "Tue, 18 Nov 2014 18:36:25 +0100")

Lars Magne Ingebrigtsen writes:

> On the other hand, we could store the server names in plain text when
> we store security exceptions to make reviews easier. That is, keep the
> hash-only thing for STARTTLS man-in-the-middle tracking and the like,
> but if the user registers an exception, then we'd stash the server
> name in there, too.

Would it make sense to have a hostname-based setting for credentials
storage? I.e. similar to how gnutls-verify-error is currently a hostname
match, I might want to set nsm-security-level per hostname. For
instance, I'd like to have 'paranoid' security for the services I
provide credentials to (most notably my mail server), but would probably
not mind keeping random TLS servers I may happen to download an image
from out of my certificate list file.

> This would avoid leaving a complete list of STARTTLS servers in that
> file, but still allow easy removal of specific exceptions.

OpenSSH has the 'HashKnownHosts' configuration parameter which
determines whether hostnames should be hashed in the trust store
(similar to what you are doing). I tend to turn it off to be able to
find things...

-Toke
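The OpenSSH HashKnownHosts scheme Toke refers to, as an added example (not code from the message, OpenSSH or Emacs): it builds a hashed known_hosts host field, checks a hostname against one, and shows why a hashed trust store can only be searched by re-hashing a name you already know. The sample known_hosts content, its fixed salt and the key placeholders are constructed.

```python
import base64
import hashlib
import hmac
import os
from typing import List, Optional


def hash_known_host(hostname: str, salt: Optional[bytes] = None) -> str:
    """HashKnownHosts form: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=hostname))."""
    if salt is None:
        salt = os.urandom(20)  # OpenSSH draws a fresh 20-byte salt per line
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())


def host_matches(hostname: str, hashed_field: str) -> bool:
    """True if hostname is the one behind a hashed host field."""
    parts = hashed_field.split("|")
    if len(parts) != 4 or parts[0] != "" or parts[1] != "1":
        raise ValueError("not a HashKnownHosts field: %r" % hashed_field)
    salt, expected = base64.b64decode(parts[2]), base64.b64decode(parts[3])
    actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(actual, expected)  # constant-time compare


def find_host(hostname: str, known_hosts: str) -> List[str]:
    """known_hosts lines that apply to hostname, hashed or plain host field.
    Comma-separated aliases are handled; [host]:port and @marker forms are not."""
    hits = []
    for line in known_hosts.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host_field = line.split(None, 1)[0]
        if host_field.startswith("|1|"):
            if host_matches(hostname, host_field):
                hits.append(line)
        elif hostname in host_field.split(","):
            hits.append(line)
    return hits


# Constructed sample: a fixed salt keeps the hashed line reproducible; keys are placeholders.
SAMPLE_SALT = bytes(range(20))
KNOWN_HOSTS = "\n".join([
    hash_known_host("mail.example.org", SAMPLE_SALT) + " ssh-ed25519 AAAA-constructed",
    "git.example.org,203.0.113.5 ssh-ed25519 AAAA-constructed",
])
```

With a hashed line, grepping the file for "mail.example.org" finds nothing; only find_host, which re-hashes the name under each line's salt, can locate it.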