From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: Testing the gnutls support Date: Mon, 28 Mar 2011 13:52:26 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87ipv3krh1.fsf@lifelogs.com> References: <87r5g0x0fd.fsf@lifelogs.com> <83mxqnmqqy.fsf@gnu.org> <8762xalkgg.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1301338923 27123 80.91.229.12 (28 Mar 2011 19:02:03 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Mon, 28 Mar 2011 19:02:03 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Mar 28 21:01:59 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Q4HhO-0003nq-NV for ged-emacs-devel@m.gmane.org; Mon, 28 Mar 2011 21:01:59 +0200 Original-Received: from localhost ([127.0.0.1]:55789 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q4HcS-0007az-Ib for ged-emacs-devel@m.gmane.org; Mon, 28 Mar 2011 14:56:52 -0400 Original-Received: from [140.186.70.92] (port=42576 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q4HYO-0005XZ-KM for emacs-devel@gnu.org; Mon, 28 Mar 2011 14:52:41 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q4HYN-0007qc-BS for emacs-devel@gnu.org; Mon, 28 Mar 2011 14:52:40 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:56410) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q4HYM-0007q7-WD for emacs-devel@gnu.org; Mon, 28 Mar 2011 14:52:39 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1Q4HYK-0007vg-Kc for emacs-devel@gnu.org; Mon, 28 Mar 2011 20:52:36 +0200 Original-Received: from 38.98.147.130 ([38.98.147.130]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 28 Mar 2011 20:52:36 +0200 Original-Received: from tzz by 38.98.147.130 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 28 Mar 2011 20:52:36 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 33 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 38.98.147.130 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" User-Agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:zjzY3W169SYz4fDOkLbL3dvWok4= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 80.91.229.12 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:137793 Archived-At: On Sat, 09 Oct 2010 23:50:55 -0500 Ted Zlatanov wrote: TZ> 1) we should be verifying the host name matches the certificate--but TZ> should this be done in gnutls.el or gnutls.c? This is done in gnutls.c (using a host name passed through `gnutls-negotiate' from gnutls.el) now. The verification can be turned off. TZ> 2) we should set up a verification callback (but this is not available TZ> in mainstream Debian/Ubuntu yet, since it's new in 2.10). In the TZ> callback we should let the user accept an invalid certificate. I'd like TZ> to defer this until 2.10 is in the Debian mainstream. TZ> 3) We should give users a way to accept certificates. Right now they TZ> can pass a list of trust file names themselves but I think this should TZ> be a more general facility. I am not sure this is useful as part of the GnuTLS connection mechanism because pausing external network-level C functions to interact with the user can cause some serious bugs. It seemed like a good approach but after working with the GnuTLS code I'm pretty sure it will cause problems long-term. It's probably cleaner to save every invalid certificate in a list and give the user a UI to choose which certificates they wish to accept, perhaps linking to the last validation failure and whatever else will help the user identify which certificates he wants to accept (maybe a hash ID of the certificate in the messages buffer). Any opinions? Ted