From: Ted Zlatanov <tzz@lifelogs.com>
To: emacs-devel@gnu.org
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 10:58:46 -0500 [thread overview]
Message-ID: <87oas4h555.fsf@lifelogs.com> (raw)
In-Reply-To: m3h9xw5xyd.fsf@stories.gnus.org
On Tue, 18 Nov 2014 16:29:30 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote:
LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
TH> incidentally, does Emacs check the cipher mode of the connection
TH> itself (I'm assuming this warning pertains to the certificate
TH> itself, not the connection encryption).
>>
>> No, after establishing the connection we don't check its properties. In
>> many cases, depending on the priority string, it could be very different
>> from what we expected IIUC, so this is neither simple nor very useful.
LMI> Well, yes, that's exactly what we do. Open the connection, and then
LMI> check the properties. >"?
You're checking the certificate, but not the cipher mode or anything
else that was negotiated. I think that's what Toke meant.
>> Also, would you like to integrate your TOFU patch with the new nsm branch?
LMI> The NSM does TOFU. No patch necessary.
Cool.
>> I'm testing and using the NSM. The number one thing it needs is a
>> `tabulated-list-mode' interface to review all the entries. See also my
>> note about the GPG key management functionality, which I think naturally
>> fits in the NSM.
LMI> Sure... but since there's almost nothing human-readable (or something a
LMI> machine can transform into something human-readable), I'm not quite sure
LMI> what it should display...
The list of explicitly saved security exceptions.
LMI> I mean, I can see a user wanting to say to Emacs "delete everything you
LMI> know about me contacting news.gmane.org", but there's no real way to
LMI> match that up to the entries in the file unless you also know the port
LMI> number/service name used.
True, but I really don't see the harm in saving those in cleartext. Like
I said, I would use a .gpg file if I was worried about leaking that
data. With the current approach I think you'll see two problems:
1) cruft will accumulate, since you don't know what's what
2) when servers change names or ports, you don't know what to remove
HTH
Ted
next prev parent reply other threads:[~2014-11-18 15:58 UTC|newest]
Thread overview: 265+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-17 12:46 Network security manager Lars Magne Ingebrigtsen
2014-11-17 13:56 ` Ted Zlatanov
2014-11-17 13:59 ` Andreas Schwab
2014-11-17 14:04 ` Lars Magne Ingebrigtsen
2014-11-17 16:13 ` Eli Zaretskii
2014-11-17 14:17 ` Stefan Monnier
2014-11-17 14:21 ` Lars Magne Ingebrigtsen
2014-11-17 15:00 ` Ted Zlatanov
2014-11-17 15:06 ` Ted Zlatanov
2014-11-17 17:31 ` Stefan Monnier
2014-11-17 18:06 ` Ted Zlatanov
2014-11-17 15:22 ` Lars Magne Ingebrigtsen
2014-11-17 16:04 ` Ted Zlatanov
2014-11-17 18:55 ` Lars Magne Ingebrigtsen
2014-11-17 16:22 ` Eli Zaretskii
2014-11-17 16:15 ` Eli Zaretskii
2014-11-17 16:11 ` Eli Zaretskii
2014-11-17 14:00 ` Lars Magne Ingebrigtsen
2014-11-17 16:13 ` Eli Zaretskii
2014-11-17 13:59 ` Stefan Monnier
2014-11-17 15:19 ` Stephen Leake
2014-11-17 15:24 ` Lars Magne Ingebrigtsen
2014-11-17 15:29 ` Kelvin White
2014-11-17 15:38 ` Kelvin White
2014-11-17 18:49 ` Lars Magne Ingebrigtsen
2014-11-17 18:58 ` Rob Browning
2014-11-17 19:07 ` Óscar Fuentes
2014-11-18 8:52 ` Sebastien Vauban
2014-11-18 14:54 ` Óscar Fuentes
2014-11-17 22:53 ` Lars Magne Ingebrigtsen
2014-11-17 23:16 ` Lars Magne Ingebrigtsen
2014-11-17 23:26 ` Lars Magne Ingebrigtsen
2014-11-18 15:19 ` Ted Zlatanov
2014-11-17 23:51 ` Lars Magne Ingebrigtsen
2014-11-18 14:41 ` Lars Magne Ingebrigtsen
2014-11-18 14:57 ` Rasmus
2014-11-18 15:01 ` Lars Magne Ingebrigtsen
2014-11-18 19:44 ` Achim Gratz
2014-11-18 19:48 ` Lars Magne Ingebrigtsen
2014-11-18 15:03 ` Tassilo Horn
2014-11-18 15:10 ` Lars Magne Ingebrigtsen
2014-11-18 15:23 ` Tassilo Horn
2014-11-18 15:17 ` Ted Zlatanov
2014-11-18 15:30 ` Lars Magne Ingebrigtsen
2014-11-18 15:40 ` Lars Magne Ingebrigtsen
2014-11-18 15:45 ` Lars Magne Ingebrigtsen
2014-11-18 16:04 ` Ted Zlatanov
2014-11-18 19:49 ` Achim Gratz
2014-11-18 19:53 ` Lars Magne Ingebrigtsen
2014-11-18 19:55 ` Lars Magne Ingebrigtsen
2014-11-18 21:17 ` David Engster
2014-11-18 21:28 ` David Engster
2014-11-18 21:54 ` Lars Magne Ingebrigtsen
2014-11-18 20:47 ` N. Jackson
2014-11-18 21:07 ` Lars Magne Ingebrigtsen
2014-11-18 21:29 ` N. Jackson
2014-11-18 21:36 ` David Engster
2014-11-18 21:55 ` Lars Magne Ingebrigtsen
2014-11-18 22:02 ` David Engster
2014-11-19 0:05 ` Stephen J. Turnbull
2014-11-18 10:12 ` Toke Høiland-Jørgensen
2014-11-18 15:10 ` Ted Zlatanov
2014-11-18 15:29 ` Lars Magne Ingebrigtsen
2014-11-18 15:58 ` Ted Zlatanov [this message]
2014-11-18 16:15 ` Lars Magne Ingebrigtsen
2014-11-18 16:35 ` Lars Magne Ingebrigtsen
2014-11-18 16:41 ` Lars Magne Ingebrigtsen
2014-11-18 17:00 ` Lars Magne Ingebrigtsen
2014-11-18 17:23 ` Ted Zlatanov
2014-11-18 17:28 ` Lars Magne Ingebrigtsen
2014-11-18 17:40 ` Ted Zlatanov
2014-11-18 17:47 ` Eli Zaretskii
2014-11-18 17:57 ` Lars Magne Ingebrigtsen
2014-11-18 17:43 ` Eli Zaretskii
2014-11-18 17:54 ` Lars Magne Ingebrigtsen
2014-11-18 18:08 ` Eli Zaretskii
2014-11-18 18:13 ` Lars Magne Ingebrigtsen
2014-11-18 18:18 ` Lars Magne Ingebrigtsen
2014-11-18 18:29 ` Lars Magne Ingebrigtsen
2014-11-18 18:40 ` Eli Zaretskii
2014-11-18 19:19 ` Lars Magne Ingebrigtsen
2014-11-18 19:22 ` Eli Zaretskii
2014-11-18 19:26 ` Lars Magne Ingebrigtsen
2014-11-18 19:55 ` Eli Zaretskii
2014-11-18 19:24 ` Daniel Colascione
2014-11-18 20:40 ` Stefan Monnier
2014-11-18 20:49 ` Eli Zaretskii
2014-11-18 23:02 ` Lars Magne Ingebrigtsen
2014-11-18 23:31 ` Ted Zlatanov
2014-11-19 8:37 ` Lars Magne Ingebrigtsen
2014-11-19 11:17 ` Ted Zlatanov
2014-11-19 11:23 ` Lars Magne Ingebrigtsen
2014-11-19 11:46 ` Ted Zlatanov
2014-11-19 21:11 ` Toke Høiland-Jørgensen
2014-11-19 7:39 ` Lars Magne Ingebrigtsen
2014-11-18 20:51 ` Lars Magne Ingebrigtsen
2014-11-19 2:09 ` Stefan Monnier
2014-11-19 3:55 ` Eli Zaretskii
2014-11-19 13:40 ` Stefan Monnier
2014-11-19 13:51 ` Ted Zlatanov
2014-11-19 14:45 ` Lars Magne Ingebrigtsen
2014-11-19 15:30 ` Lars Magne Ingebrigtsen
2014-11-19 15:36 ` Ted Zlatanov
2014-11-19 15:47 ` Lars Magne Ingebrigtsen
2014-11-19 15:53 ` Ted Zlatanov
2014-11-19 16:12 ` Lars Magne Ingebrigtsen
2014-11-19 16:12 ` EWW buffers Ivan Shmakov
2014-11-19 16:17 ` Lars Magne Ingebrigtsen
2014-11-19 17:10 ` bug#19109: eww-setup-buffer: use set-buffer instead of switch-to-buffer Ivan Shmakov
[not found] ` <m3r3wznli0.fsf@stories.gnus.org>
[not found] ` <87sih9u4pa.fsf_-_@violet.siamics.net>
[not found] ` <v2tx1p4syz.fsf@fencepost.gnu.org>
2014-11-23 19:35 ` mailing control@, but requesting that no replies be sent there Ivan Shmakov
2014-11-24 0:22 ` bug#19109: " Glenn Morris
2014-11-24 6:50 ` Ivan Shmakov
2014-11-24 7:13 ` Stephen J. Turnbull
2014-11-24 5:00 ` bug#19109: " Stephen J. Turnbull
2014-11-19 22:27 ` EWW buffers Stefan Monnier
2014-11-20 6:47 ` Ivan Shmakov
2014-11-21 12:16 ` Lars Magne Ingebrigtsen
2014-11-19 15:56 ` Network security manager Eli Zaretskii
2014-11-19 22:23 ` Stefan Monnier
2014-11-20 16:22 ` Eli Zaretskii
2014-11-20 23:34 ` Stefan Monnier
2014-11-21 8:10 ` Eli Zaretskii
2014-11-21 9:24 ` Lars Magne Ingebrigtsen
2014-11-21 9:40 ` Eli Zaretskii
2014-11-21 11:12 ` Lars Magne Ingebrigtsen
2014-11-21 10:36 ` Andreas Schwab
2014-11-21 13:30 ` Daniel Colascione
2014-11-21 15:05 ` Stefan Monnier
2014-11-21 15:02 ` Stefan Monnier
2014-11-18 18:30 ` Eli Zaretskii
2014-11-18 18:41 ` Lars Magne Ingebrigtsen
2014-11-18 18:42 ` Eli Zaretskii
2014-11-18 18:24 ` Eli Zaretskii
2014-11-18 18:22 ` Ted Zlatanov
2014-11-18 17:28 ` Ted Zlatanov
2014-11-18 17:36 ` Lars Magne Ingebrigtsen
2014-11-18 17:44 ` Ted Zlatanov
2014-11-18 18:10 ` Lars Magne Ingebrigtsen
2014-11-18 22:09 ` Toke Høiland-Jørgensen
[not found] ` <87egt0792y.fsf@echidna.jochen.org>
2014-11-18 17:28 ` Lars Magne Ingebrigtsen
2014-11-19 4:31 ` Ted Zlatanov
2014-11-19 5:43 ` Toke Høiland-Jørgensen
2014-11-19 8:44 ` Lars Magne Ingebrigtsen
2014-11-19 11:09 ` Ted Zlatanov
2014-11-19 11:19 ` Lars Magne Ingebrigtsen
2014-11-19 11:41 ` Ted Zlatanov
2014-11-19 11:50 ` Lars Magne Ingebrigtsen
2014-11-19 12:11 ` Ted Zlatanov
2014-11-19 14:16 ` Lars Magne Ingebrigtsen
2014-11-19 8:46 ` Lars Magne Ingebrigtsen
2014-11-18 20:50 ` Toke Høiland-Jørgensen
2014-11-18 21:06 ` Lars Magne Ingebrigtsen
2014-11-18 21:10 ` Toke Høiland-Jørgensen
2014-11-18 21:54 ` Lars Magne Ingebrigtsen
2014-11-18 21:57 ` Toke Høiland-Jørgensen
2014-11-18 22:13 ` Lars Magne Ingebrigtsen
2014-11-18 22:18 ` Toke Høiland-Jørgensen
2014-11-18 22:54 ` Lars Magne Ingebrigtsen
2014-11-19 6:03 ` Toke Høiland-Jørgensen
2014-11-19 8:55 ` Lars Magne Ingebrigtsen
2014-11-19 12:05 ` Garreau, Alexandre
2014-11-19 12:17 ` Lars Magne Ingebrigtsen
2014-11-19 12:26 ` Garreau, Alexandre
2014-11-19 12:29 ` Lars Magne Ingebrigtsen
2014-11-23 19:53 ` Lars Magne Ingebrigtsen
2014-11-23 19:59 ` Lars Magne Ingebrigtsen
2014-11-23 20:23 ` Garreau, Alexandre
2014-11-23 20:36 ` Lars Magne Ingebrigtsen
2014-11-23 20:41 ` Lars Magne Ingebrigtsen
2014-11-23 22:24 ` Lars Magne Ingebrigtsen
2014-11-23 22:30 ` joakim
2014-11-30 13:38 ` Stefan Monnier
2014-11-30 22:29 ` Lars Magne Ingebrigtsen
2014-12-01 3:10 ` Stefan Monnier
2014-11-19 14:35 ` Lars Magne Ingebrigtsen
2014-11-19 16:33 ` Toke Høiland-Jørgensen
2014-11-19 16:38 ` Lars Magne Ingebrigtsen
2014-11-19 21:00 ` Toke Høiland-Jørgensen
2014-11-18 21:23 ` Ted Zlatanov
2014-11-18 19:45 ` Lars Magne Ingebrigtsen
2014-11-18 20:33 ` Toke Høiland-Jørgensen
2014-11-18 22:37 ` Lars Magne Ingebrigtsen
2014-11-18 21:37 ` Toke Høiland-Jørgensen
2014-11-18 21:57 ` Lars Magne Ingebrigtsen
2014-11-18 22:03 ` Toke Høiland-Jørgensen
2014-11-18 22:13 ` Lars Magne Ingebrigtsen
2014-11-18 15:22 ` Ted Zlatanov
2014-11-18 15:33 ` Lars Magne Ingebrigtsen
2014-11-18 17:03 ` Glenn Morris
2014-11-18 17:17 ` Daniel Colascione
2014-11-18 17:41 ` Eli Zaretskii
2014-11-22 10:27 ` Steinar Bang
2014-11-17 16:57 ` Romain Francoise
2014-11-17 18:30 ` Stefan Monnier
2014-11-18 8:29 ` Stephen Leake
2014-11-18 15:49 ` Stefan Monnier
2014-11-18 16:01 ` Ted Zlatanov
2014-11-18 16:24 ` Lars Magne Ingebrigtsen
2014-11-18 21:21 ` Toke Høiland-Jørgensen
2014-11-18 22:25 ` Lars Magne Ingebrigtsen
2014-11-18 22:28 ` Toke Høiland-Jørgensen
2014-11-22 5:24 ` emacs-dynamic-module in Emacs Git? Stephen Leake
2014-11-22 15:49 ` Stefan Monnier
2014-11-22 17:12 ` Óscar Fuentes
2014-11-22 23:28 ` Ted Zlatanov
2014-11-23 10:38 ` Aurélien Aptel
2014-11-24 1:19 ` Aurélien Aptel
2014-11-25 10:05 ` Ted Zlatanov
2014-11-26 17:05 ` Aurélien Aptel
2014-11-27 2:10 ` Ted Zlatanov
2014-11-27 15:38 ` Aurélien Aptel
2014-11-27 15:45 ` Ted Zlatanov
2014-11-29 17:05 ` Eli Zaretskii
2014-11-29 17:45 ` Eli Zaretskii
2014-11-30 14:08 ` Stefan Monnier
2014-11-30 15:42 ` Eli Zaretskii
2014-11-30 18:09 ` Stefan Monnier
2014-12-01 0:44 ` Ted Zlatanov
2014-12-01 3:41 ` Stefan Monnier
2014-12-01 10:31 ` Ted Zlatanov
2014-12-01 13:45 ` Stefan Monnier
2014-12-01 14:10 ` Aurélien Aptel
2014-12-01 14:47 ` Ted Zlatanov
2014-12-01 15:04 ` Stefan Monnier
2014-12-01 15:36 ` Ted Zlatanov
2014-12-01 16:28 ` Aurélien Aptel
2014-12-01 17:05 ` Ted Zlatanov
2014-12-01 22:46 ` Stephen Leake
2014-12-01 17:44 ` Eli Zaretskii
2014-12-01 19:40 ` Stefan Monnier
2014-12-01 20:19 ` Ted Zlatanov
2014-12-02 21:22 ` Ted Zlatanov
2014-12-04 20:40 ` Aurélien Aptel
2014-12-05 1:02 ` Ted Zlatanov
2014-12-05 2:43 ` Ivan Andrus
2014-12-10 0:53 ` Ted Zlatanov
2014-12-11 15:49 ` Aurélien Aptel
2014-12-11 14:35 ` Ted Zlatanov
2014-12-01 19:12 ` Stefan Monnier
2014-12-01 22:42 ` Stephen Leake
2014-12-02 1:16 ` Ted Zlatanov
2014-12-02 3:29 ` Stefan Monnier
2014-12-01 16:21 ` Eli Zaretskii
2014-12-01 13:59 ` Aurélien Aptel
2014-12-01 16:51 ` Eli Zaretskii
2014-12-01 22:58 ` Stephen Leake
2014-12-02 3:33 ` Stefan Monnier
2014-12-03 9:27 ` Stephen Leake
2014-12-03 13:57 ` Stefan Monnier
2014-12-03 17:41 ` Eli Zaretskii
2014-12-02 3:40 ` Eli Zaretskii
2014-12-02 17:58 ` Steinar Bang
2014-12-02 18:09 ` Eli Zaretskii
2014-12-03 10:04 ` Stephen Leake
2014-12-03 10:55 ` David Kastrup
2014-12-03 21:11 ` Stephen Leake
2014-12-03 17:56 ` Eli Zaretskii
2014-12-03 19:05 ` Stefan Monnier
2014-11-17 16:07 ` Network security manager Eli Zaretskii
2014-11-17 18:58 ` Lars Magne Ingebrigtsen
2014-11-17 19:05 ` Eli Zaretskii
2014-11-17 19:37 ` Lars Magne Ingebrigtsen
2014-11-17 19:49 ` Óscar Fuentes
2014-11-17 20:00 ` Lars Magne Ingebrigtsen
2014-11-17 20:31 ` Óscar Fuentes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87oas4h555.fsf@lifelogs.com \
--to=tzz@lifelogs.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).