From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Florian Weimer <fw@deneb.enyo.de>
Newsgroups: gmane.emacs.devel
Subject: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Date: Thu, 23 Oct 2014 20:59:56 +0200
Message-ID: <87vbnay5lf.fsf@mid.deneb.enyo.de>
References: <20141022193441.GA11872@roeckx.be>
	<87zjcnj2k6.fsf@trouble.defaultvalue.org>
	<E1XhLLS-0005Pt-BQ@fencepost.gnu.org>
	<87mw8mzmxj.fsf@mid.deneb.enyo.de>
	<20141023143702.3897e618@jabberwock.cb.piermont.com>
	<8761fazkx7.fsf@mid.deneb.enyo.de>
	<20141023145721.12ed0820@jabberwock.cb.piermont.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1414090826 8313 80.91.229.3 (23 Oct 2014 19:00:26 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Thu, 23 Oct 2014 19:00:26 +0000 (UTC)
Cc: emacs-devel@gnu.org, rms@gnu.org, Rob Browning <rlb@defaultvalue.org>,
	kurt@roeckx.be
To: "Perry E. Metzger" <perry@piermont.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Oct 23 21:00:17 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XhNcN-0007yX-Rs
	for ged-emacs-devel@m.gmane.org; Thu, 23 Oct 2014 21:00:16 +0200
Original-Received: from localhost ([::1]:43018 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XhNcN-0005px-Az
	for ged-emacs-devel@m.gmane.org; Thu, 23 Oct 2014 15:00:15 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:32826)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>) id 1XhNcG-0005nj-11
	for emacs-devel@gnu.org; Thu, 23 Oct 2014 15:00:13 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>) id 1XhNcB-0000q1-3W
	for emacs-devel@gnu.org; Thu, 23 Oct 2014 15:00:07 -0400
Original-Received: from albireo.enyo.de ([46.237.207.196]:34817)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>)
	id 1XhNc5-0000m1-Kd; Thu, 23 Oct 2014 14:59:57 -0400
Original-Received: from [172.17.203.2] (helo=deneb.enyo.de)
	by albireo.enyo.de with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128)
	id 1XhNc4-0004rF-DN; Thu, 23 Oct 2014 20:59:56 +0200
Original-Received: from fw by deneb.enyo.de with local (Exim 4.80)
	(envelope-from <fw@deneb.enyo.de>)
	id 1XhNc4-0006Bn-5c; Thu, 23 Oct 2014 20:59:56 +0200
In-Reply-To: <20141023145721.12ed0820@jabberwock.cb.piermont.com> (Perry
	E. Metzger's message of "Thu, 23 Oct 2014 14:57:21 -0400")
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy]
X-Received-From: 46.237.207.196
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:175751
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/175751>

* Perry E. Metzger:

> On Thu, 23 Oct 2014 20:43:32 +0200 Florian Weimer <fw@deneb.enyo.de>
>> Keep in mind that TLS 1.0 basically has the same problem as SSL 3.0,
>> and support for protocols beyond TLS 1.0 is not actually widespread.
>
> Connections to most of the top sites are TLS 1.2 at this point.
> Google is TLS 1.2. Facebook is TLS 1.2. Amazon is TLS 1.2. Apple is
> TLS 1.2. I could go on and on.

Many IMAP servers running on free software still use OpenSSL 1.0.0 or
even OpenSSL 0.9.8, which do not support TLS 1.2.  Interoperability
with those should be our priority, not the proprietary services you
listed.