From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Richard Stallman Newsgroups: gmane.emacs.devel Subject: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL. Date: Sat, 25 Oct 2014 21:42:38 -0400 Message-ID: References: <20141022193441.GA11872@roeckx.be> <87zjcnj2k6.fsf@trouble.defaultvalue.org> <87mw8mzmxj.fsf@mid.deneb.enyo.de> <20141023143702.3897e618@jabberwock.cb.piermont.com> <8761fazkx7.fsf@mid.deneb.enyo.de> <20141023145721.12ed0820@jabberwock.cb.piermont.com> <87vbnay5lf.fsf@mid.deneb.enyo.de> <20141023154223.45f2c9eb@jabberwock.cb.piermont.com> <874muuihjh.fsf@uwakimon.sk.tsukuba.ac.jp> <20141023230048.13f8234a@jabberwock.cb.piermont.com> <87wq7pgpif.fsf@uwakimon.sk.tsukuba.ac.jp> <20141024171421.78720abe@jabberwock.cb.piermont.com> <87h9ys890o.fsf@lifelogs.com> Reply-To: rms@gnu.org NNTP-Posting-Host: plane.gmane.org Content-Type: text/plain; charset=ISO-8859-15 X-Trace: ger.gmane.org 1414287776 6439 80.91.229.3 (26 Oct 2014 01:42:56 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 26 Oct 2014 01:42:56 +0000 (UTC) Cc: emacs-devel@gnu.org To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Oct 26 02:42:51 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XiCr5-0000RA-F7 for ged-emacs-devel@m.gmane.org; Sun, 26 Oct 2014 02:42:51 +0100 Original-Received: from localhost ([::1]:55067 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XiCr5-0002bu-4R for ged-emacs-devel@m.gmane.org; Sat, 25 Oct 2014 21:42:51 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:42518) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XiCqt-0002bo-Gj for emacs-devel@gnu.org; Sat, 25 Oct 2014 21:42:40 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XiCqs-0003yU-Ld for emacs-devel@gnu.org; Sat, 25 Oct 2014 21:42:39 -0400 Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:47384) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XiCqs-0003yQ-J0 for emacs-devel@gnu.org; Sat, 25 Oct 2014 21:42:38 -0400 Original-Received: from rms by fencepost.gnu.org with local (Exim 4.71) (envelope-from ) id 1XiCqs-00045u-2A; Sat, 25 Oct 2014 21:42:38 -0400 In-reply-to: <87h9ys890o.fsf@lifelogs.com> (message from Ted Zlatanov on Sat, 25 Oct 2014 11:27:19 -0400) X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::e X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:175844 Archived-At: [[[ To any NSA and FBI agents reading my email: please consider ]]] [[[ whether defending the US Constitution against all enemies, ]]] [[[ foreign or domestic, requires you to follow Snowden's example. ]]] Yes, I'm very concerned that we will turn on GnuTLS verification and make the priority string more strict, and users will conclude Emacs is broken. Then we'll see the advice "oh just go back to s_client and you'll be fine." This could happen if users don't understand the issue. Is it feasible to warn users about this whenever it is about to fall back to SSL3 in cases where that would cause a danger? -- Dr Richard Stallman President, Free Software Foundation 51 Franklin St Boston MA 02110 USA www.fsf.org www.gnu.org Skype: No way! That's nonfree (freedom-denying) software. Use Ekiga or an ordinary phone call.