From: Ted Zlatanov <tzz@lifelogs.com>
To: emacs-devel@gnu.org
Subject: Re: using GnuTLS 3.x and certificate checks
Date: Sat, 18 May 2013 22:57:31 -0400 [thread overview]
Message-ID: <877giv7k2s.fsf@lifelogs.com> (raw)
In-Reply-To: 874nfenmya@ch.ristopher.com
On Wed, 10 Apr 2013 21:35:18 +0100 (BST) Christopher Schmidt <christopher@ch.ristopher.com> wrote:
CS> Ted Zlatanov <tzz@lifelogs.com> writes:
>> This would also be a good time to enable SSL certificate verification
>> by default.
CS> That's a great idea.
CS> What do you think about a user-customizable verification mechanism?
CS> This could be as simple as passing host, port and the PEM-encoded cert
CS> chain to a regular function that will return non-nil if the verification
CS> failed.
I like your idea, the problem is that often it will be triggered at very
inconvenient times. Emacs, unlike most other environments with this
capability, doesn't deal well with interrupting network I/O to ask the
user questions... not to mention the TCP exchange itself could be
aborted, or the whole thing could be running unattended (--batch for
example).
I think Lars and many others have brought up these issues before, mostly
on the bug tracker over the last year or two.
To start the planning, is there a way to tell Emacs "run this function,
but if we're not interactive or if the user has not answered in 30
seconds, proceed as if they answered 'n' to everything"? I think that
would be better than writing special code just for GnuTLS. But I'm open
to suggestions either way.
Ted
next prev parent reply other threads:[~2013-05-19 2:57 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-23 14:32 Anyone building Emacs trunk with MinGW w64 (32 bits) Óscar Fuentes
2013-03-23 15:25 ` Eli Zaretskii
2013-03-23 15:49 ` Óscar Fuentes
2013-03-23 17:49 ` Eli Zaretskii
2013-03-23 19:47 ` Andy Moreton
2013-03-23 20:06 ` Eli Zaretskii
2013-03-23 20:18 ` Cross-compiling with MinGW on GNU/Linux (was: Anyone building Emacs trunk with MinGW w64 (32 bits)) Óscar Fuentes
2013-03-23 20:27 ` Eli Zaretskii
2013-03-24 9:08 ` 64-bit port " cg
2013-03-24 14:00 ` Fabrice Popineau
2013-03-24 15:11 ` 64-bit port cg
2013-03-26 21:05 ` Fabrice Popineau
2013-03-24 15:40 ` 64-bit port (was: Anyone building Emacs trunk with MinGW w64 (32 bits)) Eli Zaretskii
2013-03-25 13:57 ` Anyone building Emacs trunk with MinGW w64 (32 bits) Eli Zaretskii
2013-03-25 17:09 ` Óscar Fuentes
2013-03-25 20:30 ` Eli Zaretskii
2013-03-25 20:49 ` Óscar Fuentes
2013-03-26 2:24 ` Stefan Monnier
2013-03-26 6:34 ` Eli Zaretskii
2013-03-26 11:10 ` Óscar Fuentes
2013-03-26 12:07 ` Eli Zaretskii
2013-03-26 12:34 ` Óscar Fuentes
2013-03-26 13:24 ` Eli Zaretskii
2013-03-26 16:17 ` Óscar Fuentes
2013-03-26 16:32 ` Eli Zaretskii
2013-03-25 17:41 ` Óscar Fuentes
2013-03-25 18:44 ` rzl24ozi
2013-03-25 19:11 ` Óscar Fuentes
2013-03-25 19:46 ` Óscar Fuentes
2013-03-25 20:48 ` Eli Zaretskii
2013-03-25 21:30 ` Óscar Fuentes
2013-03-25 21:37 ` Óscar Fuentes
2013-03-25 22:02 ` Eli Zaretskii
2013-03-25 22:07 ` Eli Zaretskii
2013-03-26 8:25 ` Eli Zaretskii
2013-03-26 11:48 ` Óscar Fuentes
2013-03-26 12:42 ` Eli Zaretskii
2013-03-26 13:54 ` Eli Zaretskii
2013-03-26 14:06 ` Eli Zaretskii
2013-03-26 20:49 ` Óscar Fuentes
2013-03-26 21:24 ` Eli Zaretskii
2013-03-26 21:58 ` Óscar Fuentes
2013-03-26 22:30 ` Óscar Fuentes
2013-03-27 7:24 ` Eli Zaretskii
2013-03-25 20:38 ` Eli Zaretskii
2013-03-25 21:24 ` Eli Zaretskii
2013-03-25 21:33 ` Eli Zaretskii
2013-03-25 21:35 ` Óscar Fuentes
2013-03-25 23:41 ` rzl24ozi
2013-03-26 1:40 ` Óscar Fuentes
2013-03-26 6:42 ` Eli Zaretskii
2013-03-26 9:41 ` rzl24ozi
2013-03-26 13:52 ` rzl24ozi
2013-03-26 14:17 ` Eli Zaretskii
2013-03-26 15:48 ` rzl24ozi
2013-03-26 16:07 ` Eli Zaretskii
2013-03-26 17:38 ` Eli Zaretskii
2013-03-26 18:13 ` rzl24ozi
2013-03-26 18:57 ` Eli Zaretskii
2013-03-26 20:17 ` Óscar Fuentes
2013-03-26 20:34 ` Eli Zaretskii
2013-03-27 8:17 ` rzl24ozi
2013-03-27 8:41 ` Eli Zaretskii
2013-03-27 9:34 ` rzl24ozi
2013-03-27 10:10 ` Eli Zaretskii
2013-03-27 11:35 ` rzl24ozi
2013-03-27 12:03 ` Eli Zaretskii
2013-03-27 12:57 ` rzl24ozi
2013-03-27 13:27 ` Eli Zaretskii
2013-03-27 22:03 ` rzl24ozi
2013-03-28 6:40 ` Eli Zaretskii
2013-03-27 13:17 ` using GnuTLS 3.x and certificate checks (was: Anyone building Emacs trunk with MinGW w64 (32 bits)) Ted Zlatanov
2013-04-10 20:35 ` using GnuTLS 3.x and certificate checks Christopher Schmidt
2013-05-19 2:57 ` Ted Zlatanov [this message]
2013-05-19 19:34 ` Christopher Schmidt
2013-05-19 22:59 ` Ted Zlatanov
2013-06-05 15:07 ` Ted Zlatanov
2013-06-05 15:59 ` Christopher Schmidt
2013-06-05 15:08 ` Ted Zlatanov
2013-06-05 17:44 ` Stefan Monnier
2013-06-05 18:03 ` Ted Zlatanov
2013-06-05 18:42 ` Stefan Monnier
2013-06-05 15:13 ` Ted Zlatanov
2013-06-05 20:55 ` Ted Zlatanov
2013-06-06 13:06 ` Ted Zlatanov
2013-10-07 22:24 ` Ted Zlatanov
2013-10-10 23:20 ` Ted Zlatanov
2013-10-10 23:37 ` Glenn Morris
2013-10-11 13:48 ` Ted Zlatanov
2013-03-26 14:33 ` Anyone building Emacs trunk with MinGW w64 (32 bits) Eli Zaretskii
2013-03-26 16:56 ` rzl24ozi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877giv7k2s.fsf@lifelogs.com \
--to=tzz@lifelogs.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.