From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail
From: Eli Zaretskii <eliz@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: The netsec thread
Date: Fri, 23 Aug 2019 15:43:29 +0300
Message-ID: <83r25cjbm6.fsf@gnu.org>
References: <m3fu0ef8gg.fsf@gnus.org> <86zhyh7nli.fsf@gmail.com>
 <m3h8kpniry.fsf@gnus.org> <86pnzdrn8u.fsf@gmail.com>
 <vz1o9ewkfw1.fsf@gmail.com>
 <CAM-tV-_WgrdfkP0uHJ__D01CCNf-=Nw-Dr3p2sxUUqN6F+6PAg@mail.gmail.com>
 <CAKDRQS6fiJHEuXp5ws1BaEQaYOeqwanMpYjd77PXHV4izKTObQ@mail.gmail.com>
 <m3d0hu3twb.fsf@gnus.org> <834l36koak.fsf@gnu.org>
 <m3y30i2d0q.fsf@gnus.org> <m24l35nutw.fsf@gmail.com>
 <m3tvb5w0rf.fsf@gnus.org> <m2wog1gcrg.fsf@gmail.com>
 <m3y30fu5cf.fsf@gnus.org> <m28ssfhdjo.fsf@gmail.com>
 <m3imrj642q.fsf@gnus.org> <m236inh8ad.fsf@gmail.com>
 <m2h86tnos5.fsf@gmail.com> <87pnlg7r83.fsf@mouse.gnus.org>
 <87o90gd1us.fsf@mouse.gnus.org> <838srkb64w.fsf@gnu.org>
 <87ef1cb3ua.fsf@gnus.org>
Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226";
	logging-data="10460"; mail-complaints-to="usenet@blaine.gmane.org"
Cc: rpluim@gmail.com, emacs-devel@gnu.org
To: Lars Ingebrigtsen <larsi@gnus.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Aug 23 14:45:29 2019
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.89)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1i18wY-0002Z8-JW
	for ged-emacs-devel@m.gmane.org; Fri, 23 Aug 2019 14:45:26 +0200
Original-Received: from localhost ([::1]:55590 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1i18wX-0007o0-48
	for ged-emacs-devel@m.gmane.org; Fri, 23 Aug 2019 08:45:25 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:33414)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <eliz@gnu.org>) id 1i18ui-0006yY-4p
 for emacs-devel@gnu.org; Fri, 23 Aug 2019 08:43:33 -0400
Original-Received: from fencepost.gnu.org ([2001:470:142:3::e]:41924)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1i18uh-0000rB-TD; Fri, 23 Aug 2019 08:43:31 -0400
Original-Received: from [176.228.60.248] (port=4655 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1i18uc-0001pu-J7; Fri, 23 Aug 2019 08:43:29 -0400
In-reply-to: <87ef1cb3ua.fsf@gnus.org> (message from Lars Ingebrigtsen on Fri, 
 23 Aug 2019 11:58:37 +0200)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: "Emacs-devel" <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.devel:239518
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/239518>

> From: Lars Ingebrigtsen <larsi@gnus.org>
> Cc: rpluim@gmail.com,  emacs-devel@gnu.org
> Date: Fri, 23 Aug 2019 11:58:37 +0200
> 
> @item @acronym{RC4} stream cipher
> The @acronym{RC4} stream cipher is believed to be of low quality and
> may allow eavesdropping by third parties.  (This is the @code{rc4}
> check in @code{network-security-protocol-checks}).
> 
> I think this is of interest of absolutely zero reading the Emacs manual,
> and is basically security showoffery.  (That's a word.)  The user just
> needs to know that we're doing a best-effort er effort to adhere to best
> practices, and if they're really really interested, they can read the
> doc string to, say, `nsm-protocol-check--dhe-prime-kx', or any of the
> other `nsm-protocol-check--*' functions, each of which has an essay in
> the doc string now.
> 
> So I'd like to propose to remove most of the text about the specific
> tests in the "Network Security" node in the Emacs manual (saving
> precious pages) and just refer the user to the doc strings.

I'm firmly against removing existing documentation.  I simply don't
believe it could ever do any harm.

Specifically, regarding these issues, I don't like the paternalistic
attitude "believe us we're doing the best-effort job to adhere to best
practices".  Nothing and no one can assure we know best in every
particular situation, so leaving the knobs for users to DTRT when we
don't cannot be wrong.

I might agree to making the manual descriptions shorter, like
mentioning the variables and pointing to the doc strings for their
detailed descriptions.  But this is only acceptable if the text in the
manual is little more than a copy of the doc string; otherwise we
should enhance the doc strings to tell more.

Thanks.