all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Nix <nix@esperi.org.uk>
To: "Toke Høiland-Jørgensen" <toke@toke.dk>
Cc: Eli Zaretskii <eliz@gnu.org>, larsi@gnus.org, emacs-devel@gnu.org
Subject: Re: gnutls tofu support? or even --insecure?
Date: Wed, 12 Aug 2015 14:21:49 +0100	[thread overview]
Message-ID: <87h9o47ic2.fsf@esperi.org.uk> (raw)
In-Reply-To: <874mk5yh1t.fsf@toke.dk> ("Toke \=\?utf-8\?Q\?H\=C3\=B8iland-J\?\= \=\?utf-8\?Q\?\=C3\=B8rgensen\=22's\?\= message of "Tue, 11 Aug 2015 17:35:10 +0200")

On 11 Aug 2015, Toke Høiland-Jørgensen outgrape:

> Well, the outcome was that the new network manager functionality would
> replicate the tofu functionality in lisp and delegate only the
> certificate checking to gnutls. But I lost track of what happened after
> that; think the functionality was merged?

It was, but I'm still being asked about certs on every Emacs restart --
it doesn't seem to be remembering anything persistently.

It's clearly not the same as --tofu -- if gnutls doesn't like a
connection, it's not going to let you in, even if it connected perfectly
well to it in the past. This is true *no matter what* Emacs does -- I
don't see how you can possibly hope to replicate the 'connected fine
before, connect again without cert complaint or checking the cert chain'
without actually telling gnutls not to check the cert chain... which
this fault suggests is not happening.

-- 
NULL && (void)



  reply	other threads:[~2015-08-12 13:21 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-08-11 12:11 gnutls tofu support? or even --insecure? Nix
2015-08-11 15:16 ` Eli Zaretskii
2015-08-11 15:35   ` Toke Høiland-Jørgensen
2015-08-12 13:21     ` Nix [this message]
2015-08-19 14:09       ` Ted Zlatanov
2015-09-04 16:09         ` Nix
2015-08-30 11:11     ` Lars Magne Ingebrigtsen
2015-08-12 13:19   ` Nix
2015-08-12 18:39     ` Steinar Bang
2015-08-13 11:50       ` Nix

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87h9o47ic2.fsf@esperi.org.uk \
    --to=nix@esperi.org.uk \
    --cc=eliz@gnu.org \
    --cc=emacs-devel@gnu.org \
    --cc=larsi@gnus.org \
    --cc=toke@toke.dk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.