From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: NSM certificate prompt Date: Sat, 13 Dec 2014 20:38:20 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87iohfyprn.fsf@lifelogs.com> References: <83a92r625n.fsf@gnu.org> <87wq5vefiz.fsf@gmx.de> <83388j5wrs.fsf@gnu.org> <87mw6reaxu.fsf@gmx.de> <83y4qb4eeg.fsf@gnu.org> <83vblf4b2p.fsf@gnu.org> <87r3w3z60b.fsf@lifelogs.com> <83r3w348m8.fsf@gnu.org> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1418521089 1867 80.91.229.3 (14 Dec 2014 01:38:09 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 14 Dec 2014 01:38:09 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Dec 14 02:38:02 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Xzy8G-0005Oy-1O for ged-emacs-devel@m.gmane.org; Sun, 14 Dec 2014 02:38:00 +0100 Original-Received: from localhost ([::1]:34743 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xzy8F-0000Tx-Kk for ged-emacs-devel@m.gmane.org; Sat, 13 Dec 2014 20:37:59 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:51021) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xzy7x-0000Tm-Qv for emacs-devel@gnu.org; Sat, 13 Dec 2014 20:37:47 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Xzy7s-0005S3-Lg for emacs-devel@gnu.org; Sat, 13 Dec 2014 20:37:41 -0500 Original-Received: from plane.gmane.org ([80.91.229.3]:60032) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Xzy7s-0005Rw-Ej for emacs-devel@gnu.org; Sat, 13 Dec 2014 20:37:36 -0500 Original-Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Xzy7r-0004hr-Nr for emacs-devel@gnu.org; Sun, 14 Dec 2014 02:37:35 +0100 Original-Received: from c-98-229-61-72.hsd1.ma.comcast.net ([98.229.61.72]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 14 Dec 2014 02:37:35 +0100 Original-Received: from tzz by c-98-229-61-72.hsd1.ma.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 14 Dec 2014 02:37:35 +0100 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 43 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: c-98-229-61-72.hsd1.ma.comcast.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux) Cancel-Lock: sha1:YdhKFiKyUJHVMFwEF67GmiuYz2Y= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 80.91.229.3 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:180046 Archived-At: On Sat, 13 Dec 2014 22:06:55 +0200 Eli Zaretskii wrote: >> From: Ted Zlatanov >> Date: Sat, 13 Dec 2014 14:47:32 -0500 >> >> I'd make it the default, but through the trustfiles list: if the symbol >> 'system is found in the list, we load the system trust. And that's the >> default. But the user can add their own trustfiles, as they do now. EZ> What would be the reason for the user to remove 'system from the list? EZ> If a user is somehow not happy about system trust data, she should EZ> customize her system (if she is authorized), not Emacs. E.g., add a EZ> list of blacklisted certificates, remove certificates from the bundle, EZ> etc. I don't see how it's OK to exclude users who are not authorized to customize their systems. This is a common case. Another case is where the system is out of date and you don't have the option of updating it, because it's too old or the update server is down. There's also the case that you may not want to use the host OS's trust store for your own reasons. That should not be a struggle. Emacs is not a all-in-one web browser, it's a platform. Don't take away the users' choice of who they trust. Furthermore, GnuTLS until recently didn't have this functionality and somehow we survived. So it's not essential. But even if we decide to make 'system the only option, we'd have "if you're running GnuTLS 3.x or older, you'll get this behavior, but with 3.y or newer, another behavior." I think it's pretty unpleasant behavior to dynamically toggle who you trust based on system library versions. So unless we *only* support GnuTLS versions that have this functionality, I'm strongly against making it the only option when it's available. Finally, we have to consider backward compatibility. Users who have customized their trustfiles should not be surprised. We can put warnings in NEWS and blame the users when they don't read them, but I think it's much nicer to preserve the users' customizations. Ted