From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 12:23:27 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87a93oh180.fsf@lifelogs.com>
References: <m3zjbqouyk.fsf@stories.gnus.org>
	<jwvk32uq67g.fsf-monnier+emacs@gnu.org>
	<85a93pj1n5.fsf@stephe-leake.org> <m3oas5am0b.fsf@stories.gnus.org>
	<CAG-q9=Z7_T1-AYz=pYjvJeg1BM1i9VjYAu76V_pD5F7MpR8a2A@mail.gmail.com>
	<m3bno5igmh.fsf@stories.gnus.org>
	<87sihg7r73.fsf@alrua-karlstad.karlstad.toke.dk>
	<87a93oilxl.fsf@lifelogs.com> <m3h9xw5xyd.fsf@stories.gnus.org>
	<87oas4h555.fsf@lifelogs.com> <m3d28kfpte.fsf@stories.gnus.org>
	<m31tp0h3fa.fsf@stories.gnus.org> <m3wq6sfolx.fsf@stories.gnus.org>
	<m3sihgfnq8.fsf@stories.gnus.org>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1416331429 21447 80.91.229.3 (18 Nov 2014 17:23:49 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Tue, 18 Nov 2014 17:23:49 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Nov 18 18:23:42 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XqmVA-0007dh-K6
	for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 18:23:40 +0100
Original-Received: from localhost ([::1]:54453 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XqmVA-00046l-7U
	for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 12:23:40 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:33384)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XqmUo-0003x5-UY
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 12:23:26 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XqmUi-0005nI-4C
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 12:23:18 -0500
Original-Received: from plane.gmane.org ([80.91.229.3]:54541)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XqmUh-0005nC-UR
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 12:23:12 -0500
Original-Received: from list by plane.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1XqmUh-0007Rg-1s
	for emacs-devel@gnu.org; Tue, 18 Nov 2014 18:23:11 +0100
Original-Received: from c-98-229-61-72.hsd1.ma.comcast.net ([98.229.61.72])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 18 Nov 2014 18:23:11 +0100
Original-Received: from tzz by c-98-229-61-72.hsd1.ma.comcast.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 18 Nov 2014 18:23:11 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 21
Original-X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: c-98-229-61-72.hsd1.ma.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)
Cancel-Lock: sha1:khUJavmnirxrSV4SHEjJbB/Leu8=
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 80.91.229.3
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:177597
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/177597>

On Tue, 18 Nov 2014 18:00:15 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> I just had an interesting user interface experience.
LMI> eww loads images asynchronously, and one of the images that it tried to
LMI> fetch had an invalid certificate, so the NSM queried me about this
LMI> certificate.  Which was kinda surprising, since I was in the middle of
LMI> typing something else...

LMI> I see at least two ways of dealing with this:

LMI> 1) Drop certificate checking for images in shr.  I mean, do we care?

I think we care.

LMI> 2) If being run from the async context (how do we check for that?),
LMI> refuse to handle insecure TLS connections silently.

Works for me, as long as the errors are reviewable in the NSM.  I should
be able to go somewhere and hit a button "allow this cert from now on".

Ted