From: Mark H Weaver <mhw@netris.org>
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: 18600@debbugs.gnu.org
Subject: bug#18600: 24.3.94; EWW fails to check https certificates
Date: Sun, 05 Oct 2014 13:17:56 -0400 [thread overview]
Message-ID: <87y4su4erf.fsf@yeeloong.lan> (raw)
In-Reply-To: <jwvzjdbth0j.fsf-monnier+emacsbugs@gnu.org> (Stefan Monnier's message of "Sat, 04 Oct 2014 22:00:27 -0400")
Stefan Monnier <monnier@iro.umontreal.ca> writes:
>> With these in mind, I have two recommendations:
>> * I believe that eww https should check certificates by default in 24.4,
>> even though other tls connections are tolerant by default.
>> * At minimum, it should be possible to enable certificate checking for
>> eww https connections while still allowing self-signed certificates
>> for other uses of 'open-gnutls-stream' such as imaps and smtps. This
>> is fairly common case.
>
> I think it's too late to do that for Emacs-24.4. But we should apply
> such a change to `emacs-24' after the 24.4 release, so that it will be
> included in the next release regardless if the next release is 25.1 or
> a 24.5 bugfix.
I continue to think this will be ill-received, and could result in more
bad PR for the GNU Project, but having said that, I'll let it go now.
Thanks,
Mark
next prev parent reply other threads:[~2014-10-05 17:17 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-02 5:48 bug#18600: 24.3.94; EWW fails to check https certificates Mark H Weaver
2014-10-03 23:01 ` Glenn Morris
2014-10-03 23:44 ` Glenn Morris
2014-10-04 21:34 ` Ted Zlatanov
2014-10-04 23:24 ` Mark H Weaver
2014-10-05 2:00 ` Stefan Monnier
2014-10-05 2:38 ` Marking changes to be backported Glenn Morris
2014-10-05 16:46 ` Glenn Morris
2014-10-06 1:13 ` Stefan Monnier
2014-10-06 6:37 ` Glenn Morris
2014-10-06 13:25 ` Stefan Monnier
2014-10-06 15:16 ` Eli Zaretskii
2014-10-06 18:49 ` Glenn Morris
2014-10-06 19:12 ` Stefan Monnier
2014-10-06 15:09 ` Eli Zaretskii
2014-10-05 17:17 ` Mark H Weaver [this message]
2014-10-05 2:16 ` bug#18600: 24.3.94; EWW fails to check https certificates Glenn Morris
2014-11-23 17:10 ` Lars Magne Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y4su4erf.fsf@yeeloong.lan \
--to=mhw@netris.org \
--cc=18600@debbugs.gnu.org \
--cc=monnier@iro.umontreal.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.