From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Reiner Steib <reinersteib+gmane@imap.cc>
Newsgroups: gmane.emacs.devel
Subject: Re: Additional network security
Date: Thu, 18 Dec 2014 22:54:24 +0100
Message-ID: <87r3vwaajz.fsf@marauder.physik.uni-ulm.de>
References: <m3a932w2sk.fsf@stories.gnus.org>
	<jwvk326x7mg.fsf-monnier+emacs@gnu.org>
	<m361do8z1j.fsf@stories.gnus.org>
	<jwv61dotmrn.fsf-monnier+emacs@gnu.org>
	<87lhmkja3h.fsf@uwakimon.sk.tsukuba.ac.jp>
	<871tobmndd.fsf@lifelogs.com> <m3lhmjh0pp.fsf@stories.gnus.org>
	<87oarfl7d1.fsf@lifelogs.com> <m3lhmjfj62.fsf@stories.gnus.org>
Reply-To: Reiner Steib <Reiner.Steib@gmx.de>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1418939697 5223 80.91.229.3 (18 Dec 2014 21:54:57 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Thu, 18 Dec 2014 21:54:57 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Dec 18 22:54:52 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Y1j22-0000Wu-Rd
	for ged-emacs-devel@m.gmane.org; Thu, 18 Dec 2014 22:54:50 +0100
Original-Received: from localhost ([::1]:55864 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Y1j22-0003gI-Dm
	for ged-emacs-devel@m.gmane.org; Thu, 18 Dec 2014 16:54:50 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:47212)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Y1j1u-0003g8-Ee
	for emacs-devel@gnu.org; Thu, 18 Dec 2014 16:54:47 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Y1j1p-0003r6-5b
	for emacs-devel@gnu.org; Thu, 18 Dec 2014 16:54:42 -0500
Original-Received: from plane.gmane.org ([80.91.229.3]:44062)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Y1j1o-0003pB-Uc
	for emacs-devel@gnu.org; Thu, 18 Dec 2014 16:54:37 -0500
Original-Received: from list by plane.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Y1j1m-0000SV-Uu
	for emacs-devel@gnu.org; Thu, 18 Dec 2014 22:54:35 +0100
Original-Received: from manz-5f7484f9.pool.mediaways.net ([95.116.132.249])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Thu, 18 Dec 2014 22:54:34 +0100
Original-Received: from Reiner.Steib by manz-5f7484f9.pool.mediaways.net with local
	(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Thu, 18 Dec 2014 22:54:34 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 21
Original-X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: manz-5f7484f9.pool.mediaways.net
X-Face: P05mdcZT&lL[-s2=mw~RsllZ0zZAb?vdE}.s<l:C!'y=7MhVA[J6}92Ma:vvdy](YbA+AS!
	n"JLX4vFh8fL,.+XSC(B%i/V9e]L$EiVH,QI;j+ffz9#AW~w)n
Mail-Copies-To: nobody
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
Cancel-Lock: sha1:tzk0ra30vD/qlv+ZE9jZMQdkd6s=
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 80.91.229.3
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:180297
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/180297>

Lars Magne Ingebrigtsen wrote:
> Ted Zlatanov <tzz@lifelogs.com> writes:
>
>> How about extending the GnuTLS priority string to also specify the NSM
>> level, DH bits, etc? So the user would say "NORMAL:NSM(medium,dh=1024)"
>> and we'd cut out all the NSM bits before passing it on to GnuTLS. If
>> there's nothing in the priority string, we'd look at
>> `network-security-level', that would be the out-of-the-box use case.
>
> I'm not sure we need to allow this to be customised at this fine-grained
> level.  Does Firefox allow that, for instance?

At least there's security.tls.version.min,
security.ssl3.ecdhe_ecdsa_rc4_128_sha, and several other security.*
prefs.  Dunno how these relate to Ted's suggestion.

Bye, Reiner.
-- 
       ,,,
      (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/