From: Mark H Weaver
Newsgroups: gmane.emacs.bugs
Subject: bug#18600: 24.3.94; EWW fails to check https certificates
Date: Sat, 04 Oct 2014 19:24:41 -0400
Message-ID: <87h9zj5sg6.fsf@yeeloong.lan>
References: <871tqr81jg.fsf@netris.org> <51r3yorc4p.fsf@fencepost.gnu.org> <87tx3jiknk.fsf@lifelogs.com>
To: Glenn Morris
Cc: 18600@debbugs.gnu.org
In-Reply-To: <87tx3jiknk.fsf@lifelogs.com> (Ted Zlatanov's message of "Sat, 04 Oct 2014 17:34:39 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Ted Zlatanov writes:

> On Fri, 03 Oct 2014 19:01:42 -0400 Glenn Morris wrote:
>
> GM> Mark H Weaver wrote:
>>> I used EWW to visit an https website that uses a self-signed and
>>> long-expired https certificate. It failed to notify me of any problem.
>
> GM> Setting gnutls-verify-error non-nil may help (I don't know what it does
> GM> with self-signed certificates).
>
> Emacs will reject such certificates then. I tested that as part of
> http://debbugs.gnu.org/16978 and would appreciate Mark's verification.

Yes, that works, thanks.

> After 24.4 (now 25.1) is released it will be t by default. Mark, can we
> close this bug since http://debbugs.gnu.org/16978 already has all the info?

I almost closed the bug myself, but on second thought I think this case of eww https warrants special consideration, independent of the more general question of how 'open-gnutls-stream' should behave by default. There are a few reasons for this:

1. In the case of imaps, smtps, xmpp, etc, the most common use case is to connect to a single server only for each of these protocols, and very often that's one's own server with self-signed certs.

2. In the case of https, the typical use cases are very different, as are the expectations. When browsing the web, one typically talks to a very large number of https servers. More often than not, these servers have certificates signed by a well-known CA. (Ideally it should be possible to disable checking based on URL).

3. Emacs 24.4 will be the first release that includes eww, so there are no preexisting users of eww that would be annoyed by suddenly having their existing functionality stop working.

With these in mind, I have two recommendations:

* I believe that eww https should check certificates by default in 24.4, even though other tls connections are tolerant by default.

* At minimum, it should be possible to enable certificate checking for eww https connections while still allowing self-signed certificates for other uses of 'open-gnutls-stream' such as imaps and smtps. This is a fairly common case.

IMO, anyway.

If you disagree, I'll defer to your judgment, but my feeling is that the current behavior would not be well received.

Thanks,
Mark
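As an added configuration example (not code from this thread or from Emacs itself), one way to get what the second recommendation asks for: keep `gnutls-verify-error` on for every TLS connection, including eww, and make the personal mail server's self-signed certificate verify by adding it to the trust list rather than switching checks off for it. The CA bundle path and the certificate file path are placeholders to adjust for your system.

```elisp
;; Added example, not from the thread.  Goal: verified https in eww while
;; imaps/smtps to one's own self-signed mail server keep working.
;; Rather than disabling verification for that server, its certificate
;; is made a trust anchor, so the chain check passes for it alone.

;; Verify certificate chain and hostname on every gnutls connection
;; (the setting the thread reports as rejecting bad certificates).
(setq gnutls-verify-error t)

;; Trust anchors: the system CA bundle (path differs per distribution;
;; /etc/ssl/certs/ca-certificates.crt is the Debian location) plus the
;; PEM file holding the mail server's self-signed certificate.  The cert
;; file path is a placeholder.  A self-signed cert that is itself in the
;; trust list verifies cleanly; an expired one still does not, and the
;; cert must name the host you connect to or the hostname check fails.
(setq gnutls-trustfiles
      (list "/etc/ssl/certs/ca-certificates.crt"
            (expand-file-name "~/.emacs.d/certs/mail-server.pem")))

;; Startup sanity check: gnutls.el quietly skips trust files that do not
;; exist, and without a CA bundle every verified connection is refused,
;; so surface a missing or unreadable file as a warning right away.
(dolist (file gnutls-trustfiles)
  (unless (file-readable-p file)
    (display-warning 'gnutls (format "trust file not readable: %s" file))))
```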