From: Lars Magne Ingebrigtsen
Newsgroups: gmane.emacs.devel
Subject: Re: Network security manager
Date: Wed, 19 Nov 2014 15:35:35 +0100
To: Toke Høiland-Jørgensen
Cc: emacs-devel@gnu.org
In-Reply-To: <87wq6r4tii.fsf@alrua-karlstad.karlstad.toke.dk> (Toke Høiland-Jørgensen's message of "Wed, 19 Nov 2014 07:03:01 +0100")
User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux)
Xref: news.gmane.org gmane.emacs.devel:177753

Toke Høiland-Jørgensen writes:

> Once the fingerprint is stored, though, it fails in weird ways. I tried
> manually modifying the fingerprint in the network-security.data file (to
> make verification fail). This elicits this behaviour:
>
> - On security levels high and paranoid, verification just fails silently
>   (open-network-stream returns nil), with no option to update the stored
>   fingerprint.

I edited a fingerprint, set the level to `high', and then reconnected.
It notified me that it had changed, and then returned the process.  So I
seem to be unable to reproduce this.  This is my test case:

(setq process
      (open-network-stream "nntpd" (get-buffer-create "*nntp*")
                           "google.com" "https" :type 'tls))

> - On security levels low and medium, verification *succeeds*, even
>   though a fingerprint is stored that does not match the certificate.
>
> I would consider especially the second point to be a big no-no; even if
> the security level is subsequently lowered, having a stored fingerprint
> should take precedence and fail the verification. Maybe the "continue
> anyway" could cause the stored fingerprint to be removed, but just
> continuing regardless is bad IMO.

No, I think that's the correct behaviour.  If you want `medium'
security, you only care about whether the certificate is valid or not.
And the google.com certificate is valid, even though it changed.

-- 
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
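The two positions in this exchange, modelled side by side as an added example.
This is illustration code written for this page, not Emacs's nsm.el: the
SHA-1 fingerprint, the "accept"/"ask" outcome names, the dict-based pin store
and the hostname are all assumptions made for the demo, and chain validity is
simply passed in as a flag rather than computed. The "level-gated" policy is
the behaviour Lars describes as correct (a changed pin only counts at high and
paranoid; low and medium look only at validity); the "pin-first" policy is
Toke's proposal (a stored, mismatching fingerprint is a problem at every
level). The demo pins a host on first contact and then presents a different
certificate for the same host that a CA did sign, which is exactly the case
where the two policies diverge.

```python
"""Model of the two NSM fingerprint policies discussed in the thread.

Added illustration, not Emacs's nsm.el.  The hash (SHA-1), outcome names,
store layout and hostname are assumptions chosen for the demo.
"""
import hashlib
from dataclasses import dataclass

LEVELS = ("low", "medium", "high", "paranoid")


@dataclass(frozen=True)
class Cert:
    host: str
    der: bytes   # constructed stand-in for the certificate's DER bytes
    valid: bool  # result of chain validation, supplied by the caller


def fingerprint(cert: Cert) -> str:
    """Pin identity: hash of the certificate bytes (SHA-1 assumed for the demo)."""
    return hashlib.sha1(cert.der).hexdigest()


def decide(level: str, cert: Cert, store: dict, pin_overrides_level: bool) -> str:
    """Return "accept" (connect silently) or "ask" (warn and let the user decide).

    `store` maps host -> pinned fingerprint and is filled on first contact
    (trust on first use).
    pin_overrides_level=False: a changed fingerprint only matters at
    high/paranoid; low/medium check chain validity only, low checks nothing.
    pin_overrides_level=True: a stored fingerprint that does not match is a
    problem at every level, regardless of chain validity.
    """
    if level not in LEVELS:
        raise ValueError(f"unknown level {level!r}")
    fp = fingerprint(cert)
    stored = store.get(cert.host)
    if stored is None:
        store[cert.host] = fp          # first contact: remember this cert
        changed = False
    else:
        changed = stored != fp

    problems = []
    if changed and (pin_overrides_level or level in ("high", "paranoid")):
        problems.append("fingerprint-changed")
    if level != "low" and not cert.valid:
        problems.append("invalid-certificate")
    return "ask" if problems else "accept"


def continue_anyway(store: dict, cert: Cert) -> None:
    """User chose to proceed after a warning: replace the pin with the new cert."""
    store[cert.host] = fingerprint(cert)


def demo() -> dict:
    """Pin a host, then present a different but CA-valid certificate.

    Returns {(policy, level): outcome} for the second connection.
    """
    first = Cert("news.example.org", b"constructed DER bytes: cert A", valid=True)
    # Same host, different key material, but chain validation still passes:
    # what a mis-issued or interception certificate looks like to a CA check.
    swapped = Cert("news.example.org", b"constructed DER bytes: cert B", valid=True)
    results = {}
    for policy_name, pin_first in (("level-gated", False), ("pin-first", True)):
        for level in LEVELS:
            store = {}
            assert decide(level, first, store, pin_first) == "accept"
            results[(policy_name, level)] = decide(level, swapped, store, pin_first)
    return results


if __name__ == "__main__":
    for (policy, level), outcome in sorted(demo().items()):
        print(f"{policy:12s} {level:9s} -> {outcome}")
```

Under "level-gated" the swapped certificate is accepted without a word at low
and medium and only prompts at high and paranoid; under "pin-first" it prompts
at every level. That table is the whole disagreement: a pin that is ignored
below `high' gives no protection against a CA-valid replacement certificate,
while a pin that always wins turns every legitimate certificate rotation into
a prompt, which is why Toke pairs it with "continue anyway" replacing the
stored fingerprint (modelled here by continue_anyway).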