From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Lars Ingebrigtsen Newsgroups: gmane.emacs.devel Subject: Re: Deprecate TLS1.0 support in emacs Date: Tue, 01 Aug 2017 14:38:15 +0200 Message-ID: <87tw1rihu0.fsf@mouse> References: <87o9sp7qok.fsf@gmail.com> <87zic9vk98.fsf@mouse> <87fue17mo5.fsf@gmail.com> <87tw2hvhob.fsf@mouse> <8760ex63hi.fsf@gmail.com> <87fue1v5lr.fsf@mouse> <87shi0tqh3.fsf@gmail.com> <87d18fwl66.fsf@gmail.com> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1501591126 32636 195.159.176.226 (1 Aug 2017 12:38:46 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Tue, 1 Aug 2017 12:38:46 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) Cc: Richard Stallman , emacs-devel@gnu.org To: Robert Pluim Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Aug 01 14:38:40 2017 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcWRW-000838-So for ged-emacs-devel@m.gmane.org; Tue, 01 Aug 2017 14:38:34 +0200 Original-Received: from localhost ([::1]:42359 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcWRc-0006Pz-UW for ged-emacs-devel@m.gmane.org; Tue, 01 Aug 2017 08:38:40 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:36207) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcWRT-0006Og-TY for emacs-devel@gnu.org; Tue, 01 Aug 2017 08:38:32 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dcWRT-0005Ry-3R for emacs-devel@gnu.org; Tue, 01 Aug 2017 08:38:31 -0400 Original-Received: from hermes.netfonds.no ([80.91.224.195]:38801) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dcWRO-0005Kz-DM; Tue, 01 Aug 2017 08:38:26 -0400 Original-Received: from cm-84.209.243.26.getinternet.no ([84.209.243.26] helo=mouse) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1dcWRE-0003TN-4c; Tue, 01 Aug 2017 14:38:18 +0200 In-Reply-To: <87d18fwl66.fsf@gmail.com> (Robert Pluim's message of "Tue, 01 Aug 2017 14:02:25 +0200") X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 80.91.224.195 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:217200 Archived-At: Robert Pluim writes: > Ping? I'd like to improve the default communication security settings > of Emacs, the current state is too insecure for my liking. My feeling, as I think I said, is that it's premature to warn about things like TLS1.0 in an intrusive manner. There's too many sites out there that still use that protocol, and warning too much is no help for our users. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no