Jimmy Yuen Ho Wong <wyuenho@gmail.com> writes:
> It's not supposed to -- the connection is stopped at the gnutls level.
> Which is why that variable defaults to 256, so that the NSM can handle
> the problem.
>
> How about moving the min-prime-bits knob over to NSM so it can warn
> instead of silently bypassing it by fiddling options directly related
> to GnuTLS?
The NSM does warn about this. Unless you've fiddled with the options,
which you've chosen to do yourself.
The low-level variables doc strings should mention that you're not
supposed to fiddle with them unless you have very specific needs and
point you to the NSM instead.
I don't think `nsm-noninteractive' should be a defcustom, but perhaps
there should be a `quit' value to `network-security-level' that just
aborts on any network strangeness without querying the user.