From mboxrd@z Thu Jan 1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Christopher Schmidt
Newsgroups: gmane.emacs.devel
Subject: Re: using GnuTLS 3.x and certificate checks
Date: Wed, 5 Jun 2013 16:59:37 +0100 (BST)
Message-ID: <87obbkpmzb@ch.ristopher.com>
In-Reply-To: <87ehcg1tpx.fsf@lifelogs.com> (Ted Zlatanov's message of "Wed, 05 Jun 2013 11:07:54 -0400")
To: emacs-devel@gnu.org
Mail-Followup-To: emacs-devel@gnu.org
List-Id: "Emacs development discussions."
Xref: news.gmane.org gmane.emacs.devel:160116

Ted Zlatanov writes:

> CS> I think a verification mechanism should run unattended without
> CS> user interaction whatsoever. What's your use case for an
> CS> interactive verification snippet?
>
> TZ> How else could a user accept a previously unknown certificate?
>
> Ping? Any ideas?

I don't know. I don't think there is a common use case, though.
Those folks who set up their own verification or pinning mechanism in favour of a ca-certificates.crt provided by the operating system usually apply extra careful scrutiny and caution on all aspects of the certificates. Accepting new certificates on-the-fly via interactive minibuffer queries is not a good idea. I assume most folks would want to abort the handshake and take a look at the full dump of all the certs in the chain. Check the screenshots of Certificate Patrol.

https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/

I, for one, don't need or want any interactive query in case verification fails. A user-error or returning an error status is enough.

(I already implemented certificate pinning support by substituting open-network-stream with my own implementation. If verification fails, the certs received are printed to the *Messages* buffer and the connection is killed. My investigations continue outside Emacs with the help of gnutls-cli --print-cert and certtool. This system is easy to maintain, does not cause much trouble and I don't have any complaints so far.)

Christopher
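As an added illustration of the non-interactive pinning approach described in this message (example code written here, not Christopher's implementation, which is not posted): a wrapper around open-network-stream that compares the peer's public-key id against a pinned value, logs the certificate to *Messages* and closes the connection on mismatch. It assumes an Emacs that provides `gnutls-peer-status`, whose :certificate plist is assumed to carry a :public-key-id string of the form "sha1:AB:CD:..."; the host and key id in `my-pinned-keys` are constructed placeholders.

```elisp
;; Added example, not code from the original thread.  Assumes Emacs'
;; `gnutls-negotiate' and `gnutls-peer-status' (the latter assumed to return
;; a plist whose :certificate entry has a :public-key-id string).
(require 'gnutls)

(defvar my-pinned-keys
  ;; host -> pinned public-key id, in the format `gnutls-peer-status' prints.
  ;; Constructed placeholder; replace with ids you recorded out of band
  ;; (e.g. with gnutls-cli --print-cert and certtool).
  '(("example.invalid"
     . "sha1:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33"))
  "Alist mapping a host name to the public-key id pinned for it.")

(defun my-pinned-key-id (process)
  "Return the peer public-key id of the TLS connection PROCESS, or nil."
  (plist-get (plist-get (gnutls-peer-status process) :certificate)
             :public-key-id))

(defun my-open-pinned-stream (name buffer host port)
  "Open a TLS stream to HOST:PORT and check it against `my-pinned-keys'.
No interactive query is ever made: on a mismatch the received certificate
is dumped to *Messages*, the process is deleted and a `user-error' is
signalled, so the caller can only fail, never accept on the fly."
  (let ((expected (cdr (assoc host my-pinned-keys))))
    (unless expected
      (user-error "No pinned key for %s; refusing to connect" host))
    (let ((proc (open-network-stream name buffer host port :type 'plain)))
      ;; TLS handshake; the pin, not a CA bundle, is the policy here.
      (gnutls-negotiate :process proc :type 'gnutls-x509pki :hostname host)
      (let ((actual (my-pinned-key-id proc)))
        (unless (and actual (string= actual expected))
          (message "Pin mismatch for %s (expected %s):\n%S"
                   host expected
                   (plist-get (gnutls-peer-status proc) :certificate))
          (delete-process proc)
          (user-error "Certificate pin mismatch for %s; connection closed"
                      host)))
      proc)))
```

Newer Emacs versions also expose a SHA-256 key id alongside the SHA-1 one; pin whichever your version reports and record it for each host before enabling the wrapper.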