From: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: Paul Eggert <eggert@cs.ucla.edu>,
Emacs-Devel devel <emacs-devel@gnu.org>
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sun, 8 Jul 2018 19:54:16 +0100 [thread overview]
Message-ID: <CAKDRQS7RU5Fi3FPttQVgcRPvoeDC=uGdUbhHzPMmY=87uoR2EQ@mail.gmail.com> (raw)
In-Reply-To: <87bmbhmx5l.fsf@mouse.gnus.org>
>
> Some people want these checks on the TLS level, and that's why those
> checks exist. It's perfectly reasonable for a user with a specific need
> (for instance, to talk to a particularly ornery old private SSL 0.9
> server) to use the gnutls functions and variables directly when
> implementing their solution.
>
It's not about what they want, but about what to give them so they can
accomplish what they want to do without getting confused by the
contradictary docs, and reading the source code. The pretense of NSM
taking care of all network security matters does not match the
reality. And from the sense I get, there's no intention to turn that
ideal into reality either. Nobody is talking about taking away
functionality here. You can remove/replace/rename/change things and
still provide equivalent functionality.
> That's why these things are layered. gnutls is a low-level library that
> allows tweaking certain things about the connections it provides.
>
> The NSM is a high-level user facing library. Merging the two doesn't
> seem to make much sense.
>
> Both here and in other places in this thread you seem to fixate on the
> particular use cases you're interested in to the extent that you say
> that other use cases are wrong, somehow. People have different needs
> and different approaches, and Emacs should empower them to get their
> work done, and not pressure them into doing it the way we think they
> should do it.
>
We are talking about what should be the defaults here, as I've said in
that giant email a couple of days ago, you can have both reasonable
OTTB settings and freedom. If you haven't read it, I urge you to.
How about this, I'll be satisfied if we append :group 'nsm on the
gnutls defcustoms, so they show up on both the gnutls customize group
**and** nsm, and document in the docstrings the effects to NSM checks
if you mess with these GnuTLS settings? This doesn't sound too drastic
and saves users from having to dig around 2 different places or
resolve to trial and error to figure out there interactions.
next prev parent reply other threads:[~2018-07-08 18:54 UTC|newest]
Thread overview: 221+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-22 22:00 A couple of questions and concerns about Emacs network security Jimmy Yuen Ho Wong
2018-06-22 22:43 ` Paul Eggert
2018-06-22 23:21 ` Lars Ingebrigtsen
2018-06-22 23:33 ` Lars Ingebrigtsen
2018-06-23 1:35 ` Jimmy Yuen Ho Wong
2018-06-23 10:23 ` Lars Ingebrigtsen
2018-06-23 10:34 ` Lars Ingebrigtsen
2018-06-23 10:48 ` Jimmy Yuen Ho Wong
2018-06-23 11:32 ` Lars Ingebrigtsen
2018-06-23 11:55 ` Jimmy Yuen Ho Wong
2018-06-23 12:05 ` Lars Ingebrigtsen
2018-06-23 12:13 ` Eli Zaretskii
2018-06-23 12:15 ` Lars Ingebrigtsen
2018-06-23 12:26 ` Eli Zaretskii
2018-07-07 9:57 ` Eli Zaretskii
2018-07-08 14:01 ` Lars Ingebrigtsen
2018-07-08 14:53 ` Eli Zaretskii
2018-07-08 15:06 ` Lars Ingebrigtsen
2018-07-08 15:23 ` Eli Zaretskii
2018-06-23 12:45 ` Jimmy Yuen Ho Wong
2018-06-24 12:53 ` Lars Ingebrigtsen
2018-07-05 13:33 ` Perry E. Metzger
2018-07-05 13:49 ` Eli Zaretskii
2018-07-05 15:29 ` Perry E. Metzger
2018-07-05 18:55 ` Eli Zaretskii
2018-07-05 19:26 ` Paul Eggert
2018-07-05 19:35 ` Eli Zaretskii
2018-07-05 20:01 ` Eli Zaretskii
2018-07-06 17:03 ` Paul Eggert
2018-07-06 17:36 ` Eli Zaretskii
2018-07-06 18:15 ` Paul Eggert
2018-07-07 7:04 ` Eli Zaretskii
2018-07-07 10:30 ` Jimmy Yuen Ho Wong
2018-07-07 11:35 ` Eli Zaretskii
2018-07-05 20:46 ` Perry E. Metzger
2018-07-05 20:45 ` Perry E. Metzger
2018-07-06 6:29 ` Eli Zaretskii
2018-07-06 23:08 ` Richard Stallman
2018-07-07 12:18 ` Perry E. Metzger
2018-07-07 13:19 ` Eli Zaretskii
2018-07-07 13:46 ` Perry E. Metzger
2018-07-07 14:17 ` Eli Zaretskii
2018-07-07 15:25 ` Perry E. Metzger
2018-07-07 16:08 ` Eli Zaretskii
2018-07-07 23:46 ` Richard Stallman
2018-07-08 0:25 ` Perry E. Metzger
2018-07-08 2:44 ` Eli Zaretskii
2018-07-08 22:55 ` Richard Stallman
2018-07-07 14:32 ` Jimmy Yuen Ho Wong
2018-07-07 15:15 ` Perry E. Metzger
2018-07-07 15:39 ` Jimmy Yuen Ho Wong
2018-07-07 18:16 ` Paul Eggert
2018-07-07 23:03 ` Jimmy Yuen Ho Wong
2018-07-07 15:57 ` Eli Zaretskii
2018-07-07 23:45 ` Richard Stallman
2018-07-05 13:50 ` Jimmy Yuen Ho Wong
2018-07-05 15:30 ` Perry E. Metzger
2018-07-05 15:36 ` Stefan Monnier
2018-07-05 16:05 ` Perry E. Metzger
2018-07-05 22:44 ` Richard Stallman
2018-07-06 6:01 ` Eli Zaretskii
2018-06-23 0:00 ` Paul Eggert
2018-06-23 0:10 ` Stefan Monnier
2018-06-23 9:57 ` Lars Ingebrigtsen
2018-06-23 2:17 ` Noam Postavsky
2018-06-23 6:40 ` Eli Zaretskii
2018-06-23 10:21 ` Jimmy Yuen Ho Wong
2018-06-23 11:26 ` Eli Zaretskii
2018-06-23 22:28 ` Noam Postavsky
2018-06-24 14:23 ` Eli Zaretskii
2018-06-24 14:34 ` Lars Ingebrigtsen
2018-06-24 14:48 ` Noam Postavsky
2018-06-24 15:30 ` Eli Zaretskii
2018-06-24 16:57 ` Lars Ingebrigtsen
2018-06-24 17:10 ` Jimmy Yuen Ho Wong
2018-06-24 17:39 ` Lars Ingebrigtsen
2018-06-24 18:29 ` Jimmy Yuen Ho Wong
2018-06-24 18:51 ` Eli Zaretskii
2018-06-24 21:30 ` Jimmy Yuen Ho Wong
2018-06-25 1:25 ` Van L
2018-06-25 2:28 ` Jimmy Yuen Ho Wong
2018-06-25 2:38 ` Jimmy Yuen Ho Wong
2018-06-25 17:16 ` Eli Zaretskii
2018-06-25 17:25 ` Jimmy Yuen Ho Wong
2018-06-25 18:06 ` Jimmy Yuen Ho Wong
2018-06-24 20:58 ` Lars Ingebrigtsen
2018-06-24 21:07 ` Lars Ingebrigtsen
2018-06-24 22:47 ` Jimmy Yuen Ho Wong
2018-06-25 0:04 ` Lars Ingebrigtsen
2018-06-25 0:33 ` Noam Postavsky
2018-06-25 0:36 ` Lars Ingebrigtsen
2018-06-24 21:28 ` Noam Postavsky
2018-06-24 21:57 ` Lars Ingebrigtsen
2018-06-25 16:06 ` Eli Zaretskii
2018-06-25 16:29 ` Jimmy Yuen Ho Wong
2018-06-25 16:58 ` Lars Ingebrigtsen
2018-06-25 17:08 ` Jimmy Yuen Ho Wong
2018-06-25 17:18 ` Eli Zaretskii
2018-06-30 17:40 ` Jimmy Yuen Ho Wong
2018-06-30 18:04 ` Eli Zaretskii
2018-06-25 17:09 ` Eli Zaretskii
2018-06-25 17:17 ` Eli Zaretskii
2018-06-25 16:55 ` Lars Ingebrigtsen
2018-06-25 17:06 ` Eli Zaretskii
2018-06-25 17:20 ` Jimmy Yuen Ho Wong
2018-06-25 17:33 ` Lars Ingebrigtsen
2018-07-05 15:52 ` Perry E. Metzger
2018-07-05 15:58 ` Jimmy Yuen Ho Wong
2018-07-05 16:36 ` Perry E. Metzger
2018-07-05 16:51 ` Jimmy Yuen Ho Wong
2018-07-05 18:25 ` Perry E. Metzger
2018-07-05 18:32 ` Eli Zaretskii
2018-07-05 18:43 ` Noam Postavsky
2018-07-05 20:31 ` Perry E. Metzger
2018-07-08 11:43 ` Lars Ingebrigtsen
2018-07-08 14:48 ` Eli Zaretskii
2018-07-06 9:01 ` Eli Zaretskii
2018-07-05 15:33 ` Perry E. Metzger
2018-07-05 18:58 ` Eli Zaretskii
2018-07-06 8:36 ` Robert Pluim
2018-07-06 8:49 ` Eli Zaretskii
2018-07-06 9:35 ` Robert Pluim
2018-07-06 12:32 ` Eli Zaretskii
2018-07-06 12:52 ` Robert Pluim
2018-07-06 13:31 ` Eli Zaretskii
2018-07-06 9:45 ` Stephen Berman
2018-07-06 12:41 ` Eli Zaretskii
2018-07-06 13:50 ` Stephen Berman
2018-07-07 7:15 ` martin rudalics
2018-07-07 12:22 ` Stephen Berman
2018-07-07 13:22 ` Eli Zaretskii
2018-07-07 13:47 ` Stephen Berman
2018-07-08 8:11 ` martin rudalics
2018-07-05 15:10 ` Perry E. Metzger
2018-06-23 6:45 ` Eli Zaretskii
2018-06-23 10:34 ` Jimmy Yuen Ho Wong
2018-07-05 15:58 ` Perry E. Metzger
2018-07-05 19:20 ` Paul Eggert
2018-07-05 20:46 ` Perry E. Metzger
2018-07-05 22:44 ` Richard Stallman
2018-07-06 6:42 ` Jimmy Yuen Ho Wong
2018-07-06 8:16 ` Eli Zaretskii
2018-07-06 9:28 ` Robert Pluim
2018-07-06 13:18 ` Eli Zaretskii
2018-07-06 18:06 ` Jimmy Yuen Ho Wong
2018-07-06 18:48 ` Perry E. Metzger
2018-07-07 7:02 ` Eli Zaretskii
2018-07-07 9:36 ` Robert Pluim
2018-07-07 9:59 ` Jimmy Yuen Ho Wong
2018-07-07 10:01 ` Jimmy Yuen Ho Wong
2018-07-07 21:44 ` Ted Zlatanov
2018-07-07 21:59 ` Paul Eggert
2018-07-07 22:11 ` Jimmy Yuen Ho Wong
2018-07-09 23:09 ` Ted Zlatanov
2018-07-10 18:20 ` Jimmy Yuen Ho Wong
2018-07-10 18:36 ` Eli Zaretskii
2018-07-10 18:40 ` Jimmy Yuen Ho Wong
2018-07-10 18:58 ` Eli Zaretskii
2018-07-13 20:50 ` Jimmy Yuen Ho Wong
2018-07-14 6:37 ` Eli Zaretskii
2018-07-14 17:18 ` Jimmy Yuen Ho Wong
2018-07-14 18:25 ` Eli Zaretskii
2018-07-07 22:13 ` Jimmy Yuen Ho Wong
2018-07-09 13:09 ` Robert Pluim
2018-07-09 13:33 ` Jimmy Yuen Ho Wong
2018-07-09 13:43 ` Lars Ingebrigtsen
2018-07-09 13:49 ` Jimmy Yuen Ho Wong
2018-07-09 17:15 ` Eli Zaretskii
2018-07-09 17:24 ` Jimmy Yuen Ho Wong
2018-07-10 0:06 ` Perry E. Metzger
2018-07-10 0:03 ` Perry E. Metzger
2018-07-10 0:02 ` Perry E. Metzger
2018-07-06 13:03 ` Jimmy Yuen Ho Wong
2018-07-06 14:06 ` Eli Zaretskii
2018-07-06 21:24 ` Jimmy Yuen Ho Wong
2018-07-07 7:55 ` Eli Zaretskii
2018-07-08 14:06 ` Lars Ingebrigtsen
2018-07-08 14:54 ` Jimmy Yuen Ho Wong
2018-07-08 15:13 ` Lars Ingebrigtsen
2018-07-08 16:56 ` Jimmy Yuen Ho Wong
2018-07-08 17:06 ` Paul Eggert
2018-07-08 17:25 ` Jimmy Yuen Ho Wong
2018-07-08 17:53 ` Lars Ingebrigtsen
2018-07-08 18:54 ` Jimmy Yuen Ho Wong [this message]
2018-07-08 19:30 ` Lars Ingebrigtsen
2018-07-08 19:32 ` Jimmy Yuen Ho Wong
2018-07-08 22:56 ` Richard Stallman
2018-07-08 17:47 ` Lars Ingebrigtsen
2018-07-08 18:10 ` Eli Zaretskii
2018-07-08 18:12 ` Jimmy Yuen Ho Wong
2018-07-08 18:26 ` Eli Zaretskii
2018-07-08 18:39 ` Lars Ingebrigtsen
2018-07-08 18:53 ` Eli Zaretskii
2018-07-08 19:22 ` Jimmy Yuen Ho Wong
2018-07-09 16:57 ` Eli Zaretskii
2018-07-09 17:17 ` Jimmy Yuen Ho Wong
2018-07-09 17:36 ` Jimmy Yuen Ho Wong
2018-07-09 17:38 ` Jimmy Yuen Ho Wong
2018-07-09 18:04 ` Eli Zaretskii
2018-07-09 18:10 ` Jimmy Yuen Ho Wong
2018-07-09 18:33 ` Eli Zaretskii
2018-07-09 18:47 ` Jimmy Yuen Ho Wong
2018-07-10 16:10 ` Eli Zaretskii
2018-07-08 19:28 ` Lars Ingebrigtsen
2018-07-08 19:31 ` Jimmy Yuen Ho Wong
2018-07-09 17:04 ` Eli Zaretskii
2018-07-09 17:02 ` Eli Zaretskii
2018-07-09 17:09 ` Jimmy Yuen Ho Wong
2018-07-09 15:29 ` Jimmy Yuen Ho Wong
2018-07-09 16:35 ` Robert Pluim
2018-07-08 18:31 ` Jimmy Yuen Ho Wong
2018-07-08 18:42 ` Lars Ingebrigtsen
2018-07-08 19:28 ` Jimmy Yuen Ho Wong
2018-07-08 17:53 ` Eli Zaretskii
2018-07-08 19:16 ` Jimmy Yuen Ho Wong
2018-07-08 14:55 ` Eli Zaretskii
2018-07-08 14:58 ` Jimmy Yuen Ho Wong
2018-07-08 15:18 ` Eli Zaretskii
2018-07-08 15:16 ` Lars Ingebrigtsen
2018-07-06 16:53 ` Paul Eggert
2018-07-06 23:11 ` Richard Stallman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKDRQS7RU5Fi3FPttQVgcRPvoeDC=uGdUbhHzPMmY=87uoR2EQ@mail.gmail.com' \
--to=wyuenho@gmail.com \
--cc=eggert@cs.ucla.edu \
--cc=emacs-devel@gnu.org \
--cc=larsi@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).