From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Jimmy Yuen Ho Wong Newsgroups: gmane.emacs.devel Subject: Re: A couple of questions and concerns about Emacs network security Date: Mon, 9 Jul 2018 18:36:31 +0100 Message-ID: References: <83o9g2uhju.fsf@gnu.org> <20180705115826.73c1d95e@jabberwock.cb.piermont.com> <878t6lom8g.fsf@mouse.gnus.org> <87pnzxn4kw.fsf@mouse.gnus.org> <87fu0tmxfs.fsf@mouse.gnus.org> <83va9pha36.fsf@gnu.org> <83tvp9h9dv.fsf@gnu.org> <87y3ellggt.fsf@mouse.gnus.org> <83sh4th84d.fsf@gnu.org> <83lgakgxdf.fsf@gnu.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Trace: blaine.gmane.org 1531157748 23415 195.159.176.226 (9 Jul 2018 17:35:48 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Mon, 9 Jul 2018 17:35:48 +0000 (UTC) Cc: Lars Ingebrigtsen , Emacs-Devel devel To: Eli Zaretskii Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Jul 09 19:35:43 2018 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fca4b-0005we-Kt for ged-emacs-devel@m.gmane.org; Mon, 09 Jul 2018 19:35:41 +0200 Original-Received: from localhost ([::1]:43637 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fca6i-0003MW-Ro for ged-emacs-devel@m.gmane.org; Mon, 09 Jul 2018 13:37:52 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:45080) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fca5q-0002q2-BX for emacs-devel@gnu.org; Mon, 09 Jul 2018 13:37:02 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fca5m-0003xb-M2 for emacs-devel@gnu.org; Mon, 09 Jul 2018 13:36:58 -0400 Original-Received: from mail-it0-x234.google.com ([2607:f8b0:4001:c0b::234]:50817) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fca5i-0003uY-25; Mon, 09 Jul 2018 13:36:50 -0400 Original-Received: by mail-it0-x234.google.com with SMTP id w16-v6so5163259ita.0; Mon, 09 Jul 2018 10:36:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SlDCGJpLn4V049QGkYs4r5bUbHsIrJPc0uJcu5kyDY4=; b=DHMlLb7S3x/vQDpmkdc4DUlqoDHLT3TwSfo+n+UdG7FO6nWj0BhvgVN9dl+BUKAJ2v Wurt7FfGaVd8ajYdkSkmhhSa4y7iEdt+KNlgzvyiMtGlEMJoj188/AgNIZNKj3lPHJv0 1/Hn3UlhhSRaCT6dFKjU7PGXMM4upAvPBPJ6Z/WXKOiv4IqHdsDVdAZAelGJdn/rz94/ Uvs2m07breIYPhZo4ZqG88Xms0X9vcpRgpuIZ5swPnzfnPf94c3lFXHHoUVvGFyuuYv0 vxTq7+l+79ocUGpX0dR+MuvA89OEoAlXHNbZ/j1lLxM41snO3hy2kaXCppjmc2N9BLXx yXAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SlDCGJpLn4V049QGkYs4r5bUbHsIrJPc0uJcu5kyDY4=; b=WvVv6hSF1mcC5Giubiy1mHh7+MVe2vosXOHoh1RdSHZhzxX3p3+RQx1VFPJaVniQOK etH5apwZkxAt6PFC/l8nRCfoCS0as70OXzOIbp+abmhCNxRW2jPs5wypNKLNn85m/jbG AymNs6FpMIJxZ3QbgVCgPzqP2rZNg++gKNFLmsrqCb6SjKHQwe9Np/q2YxBrgRz/VtFy 6BJlKLdzHx0CFirOro+yde6ExBGPkAZGlvdGJ4yqslS0BPJus/2UTdAunJ0V6BWuOmTj vmf2ScqpbAkpW9lQ0BDSH6dV84zLOkD2BQ5K1mxr9WoH6SYNn4LIIrgt5E1r0XFV386l b9ZQ== X-Gm-Message-State: APt69E3VTFlEWpDGJm38OfOVF2CGfu+EUdDv+Yk+ifI4/DxFfN1qAkSS j96PDjdHHQS01EOaTgrwXyhGd3fjJrS0LW/vlK/cvTBs X-Google-Smtp-Source: AAOMgpdZ7rF5oFsOoVEl6eDpMNvDB+bevsf3gkdsJXxZJtrkftUjb4rwJ1TdMArLu0Nup15M/lj/fB0i7DOn6IziOXs= X-Received: by 2002:a24:46c5:: with SMTP id j188-v6mr17638366itb.105.1531157809083; Mon, 09 Jul 2018 10:36:49 -0700 (PDT) In-Reply-To: <83lgakgxdf.fsf@gnu.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4001:c0b::234 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:227165 Archived-At: On Mon, Jul 9, 2018 at 5:58 PM Eli Zaretskii wrote: > > > From: Jimmy Yuen Ho Wong > > Date: Sun, 8 Jul 2018 20:22:54 +0100 > > Cc: Lars Ingebrigtsen , Emacs-Devel devel > > > Problem is, I cannot find this number in the GnuTLS documentation, > > > either. Maybe I'm blind; but if not, it means our users have no > > > reasonable way of knowing how many bits they are using, and that is > > > not good, IMO. > > > > It's not in the documentation, it's in the src/gnutls.c line > > 1834-1835. It's also in the docstring of `gnutls-min-prime-bits`. > > Are you talking about the master branch of the Emacs repository? If > so, I must be blind, because I don't see 1008 anywhere around those > places. > No I was merely talking about what (setq gnutls-algorithm-priority nil) means. https://github.com/emacs-mirror/emacs/blob/master/src/gnutls.c#L1835 The default is here: https://github.com/emacs-mirror/emacs/blob/master/src/gnutls.c#L1606 > > > > Users aren't supposed to care about that variable, anyway, since the NSM > > > > warns about less than 1024 bits... > > > > > > Yes, but what if GnuTLS bumps the default to more than that? And even > > > if not, I think I might like to know how far below 1024 I'm going to > > > be if I allow the connection. > > > > See my other email for a way out of this. Once you've caught > > GNUTLS_E_DH_PRIME_UNACCEPTABLE, you can still call > > gnutls_dh_get_prime_bits to get the prime bits the server sends back > > out. I think this is already done, we just need to catch > > GNUTLS_E_DH_PRIME_UNACCEPTABLE so gnutls_verify_boot doesn't > > immediately return. > > That's a separate issue, regarding your argument with Lars whether to > let NSM handle the too low bits or leave it to GnuTLS. The issue I > raised was how can users know what is the GnuTLS default. Because the > doc string of gnutls-min-prime-bits says: > > (defcustom gnutls-min-prime-bits 256 > ;; Several mail servers send fewer bits than the GnuTLS default. > ;; Currently, 256 appears to be a reasonable choice (Bug#11267). > "Minimum number of prime bits accepted by GnuTLS for key exchange. > During a Diffie-Hellman handshake, if the server sends a prime > number with fewer than this number of bits, the handshake is > rejected. \(The smaller the prime number, the less secure the > key exchange is against man-in-the-middle attacks.) > > A value of nil says to use the default GnuTLS value." > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > Which of course immediately begs the question "what is my GnuTLS's > default value?"