From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Lars Magne Ingebrigtsen <larsi@gnus.org>
Newsgroups: gmane.emacs.devel
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 16:45:31 +0100
Message-ID: <m3wq6sfr6s.fsf@stories.gnus.org>
References: <m3zjbqouyk.fsf@stories.gnus.org>
	<jwvk32uq67g.fsf-monnier+emacs@gnu.org>
	<85a93pj1n5.fsf@stephe-leake.org> <m3oas5am0b.fsf@stories.gnus.org>
	<CAG-q9=Z7_T1-AYz=pYjvJeg1BM1i9VjYAu76V_pD5F7MpR8a2A@mail.gmail.com>
	<m3bno5igmh.fsf@stories.gnus.org> <m3fvdhgzcl.fsf@stories.gnus.org>
	<m3ppck7eq9.fsf@stories.gnus.org> <8761ecilmh.fsf@lifelogs.com>
	<m3d28k5xvy.fsf@stories.gnus.org> <m34mtwh5zv.fsf@stories.gnus.org>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1416325582 14212 80.91.229.3 (18 Nov 2014 15:46:22 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Tue, 18 Nov 2014 15:46:22 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Nov 18 16:46:16 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xqkyu-00043Z-6f
	for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 16:46:16 +0100
Original-Received: from localhost ([::1]:53864 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xqkyt-0005Ww-PA
	for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 10:46:15 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:33208)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <larsi@gnus.org>) id 1Xqkyc-0005We-30
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 10:46:03 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <larsi@gnus.org>) id 1XqkyW-0003Jp-RB
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 10:45:58 -0500
Original-Received: from hermes.netfonds.no ([80.91.224.195]:45243)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <larsi@gnus.org>) id 1XqkyW-0003Jb-KW
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 10:45:52 -0500
Original-Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58]
	helo=stories.gnus.org)
	by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.72) (envelope-from <larsi@gnus.org>) id 1XqkyC-0007Z6-A5
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 16:45:32 +0100
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEX079jy7dYLCQcFAwHX
	0bsaGBX38tthXlP7+OhYAAACQElEQVQ4jWXTvW+rMBAA8LOUuqv9lIbd1GLnilhLQsIcwGKlEnLW
	Aon499+Zr4T3WBL55/Od7TOYytbcbr80TTMwAQDM0qTrlBuYSshFzvg7z5AOpJxjfgr8mibkeeZA
	cJK6hnfEWNQEnVLeFEFkR0DdVQd7fALUFMQKEgzbJ1ASC0yyHiOS4PLnBWi+lB5ejz6G5ZtS2QSM
	IgCEfCSdojwfK8gRGEv2eYehGhZgwhVFRwNecPRDVb4AJ7C7tCtdRDCBgHHn8JPlfvQtC3yF2ta7
	hzEYf0OPSufzUmPER0vlYiBOqNScY1rrLNiRtld2Po3nLzBAk38VoS7UE5jLMoizup5RoXIhw1Qu
	nfwO70WY7NHHMccw71x8exhiKWTuRvUMTML+t0c0QwtHB8EMdOn7kkBj1RL46r4uBdDRJcX3U9zT
	eOApvQLtDavyVLpLvN7WCAF7GlBx5X6Cwwq0Q2YUFfrlDiWxjVHVApA5+CRouaWin+A5aE8YXax9
	VxMIJgR4IbVB0mNMPUk5gjm5GMuKZI/XDVAfOMCkGNt6ATbmcFBhJP6FnZ87cilss8DYifeP/8Fd
	FIg3B3ixm+SuEye4Ehw3wN9HiLcgLGcEOkd9GV/UGlHzRp59c1amlXwDsE9TbVJjyhQ6nS/lUrMn
	KY2mD1Olt2Ho5gh6tpzXmR9RaZFsCPTzqVn3miHD8LBNDk1Pry/zMTrY/OXYOdCJVDvqhcCdiNJL
	J/JdEd0FtXsU8QWG8Xso+kNrVHoYDH1/ASgp5OSCuGzXAAAAAElFTkSuQmCC
X-Now-Playing: Arto Lindsay's _Salt_: "Salt"
X-Hashcash: 1:23:141118:emacs-devel@gnu.org::kLU87ngXCoQF8+UE:000000000000000000000000000000000000000000SPIp
In-Reply-To: <m34mtwh5zv.fsf@stories.gnus.org> (Lars Magne Ingebrigtsen's
	message of "Tue, 18 Nov 2014 16:40:20 +0100")
User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux)
X-MailScanner-ID: 1XqkyC-0007Z6-A5
MailScanner-NULL-Check: 1416930332.46957@v+9XBRULj+XkdKvi0qVFpA
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 80.91.224.195
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:177568
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/177568>

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> It already does.  Does anybody know of https sites with interesting
> types of un-verifiable certificates so that I can test?  Self-signed or
> expired certificates would be nice...

Found one.  And it just works:

-------
Issuer: O=Cybertrust Inc,CN=Cybertrust Public SureServer SV CA
Host informasjon: C=US,ST=MA,L=Cambridge,O=Akamai Technologies\, Inc.,CN=a248.e.akamai.net
Public key: RSA, signature: RSA-SHA1, security level: Low
Valid from: 2014-06-12, valid to: 2015-06-12

The TLS connection to tv.eurosport.com:443 is insecure
for the following reason:

certificate host does not match hostname

Continue connecting? (No, Session only, Always)
------

The issuer and host information has to be formatted prettier, though.
And is it at all interesting to display the "Public key: RSA, signature:
RSA-SHA1" bits?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no