From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Nikos Mavrogiannopoulos Newsgroups: gmane.emacs.bugs Subject: bug#11267: 24.0.95; gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough). Date: Mon, 10 Feb 2014 09:28:09 +0100 Message-ID: References: <874nsi12ng.fsf@niu.edu> <6mwr5d6l6e.fsf@fencepost.gnu.org> <20367.61741.640831.184941@gargle.gargle.HOWL> <20368.16452.379860.520133@gargle.gargle.HOWL> <87k4152t8j.fsf@lifelogs.com> <20375.1898.39520.582160@gargle.gargle.HOWL> <87ob2f8zdr.fsf@lifelogs.com> <21240.16957.410641.502622@gargle.gargle.HOWL> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 X-Trace: ger.gmane.org 1392021133 8982 80.91.229.3 (10 Feb 2014 08:32:13 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 10 Feb 2014 08:32:13 +0000 (UTC) Cc: 15057@debbugs.gnu.org, Ted Zlatanov , 16253@debbugs.gnu.org, 11267@debbugs.gnu.org To: Roland Winkler Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Mon Feb 10 09:32:17 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1WCmHo-0005W8-JE for geb-bug-gnu-emacs@m.gmane.org; Mon, 10 Feb 2014 09:32:16 +0100 Original-Received: from localhost ([::1]:54193 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WCmHo-0005nf-3e for geb-bug-gnu-emacs@m.gmane.org; Mon, 10 Feb 2014 03:32:16 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:58258) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WCmHh-0005na-S6 for bug-gnu-emacs@gnu.org; Mon, 10 Feb 2014 03:32:14 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WCmHd-0006hm-4N for bug-gnu-emacs@gnu.org; Mon, 10 Feb 2014 03:32:09 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:59413) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WCmHd-0006hS-1H for bug-gnu-emacs@gnu.org; Mon, 10 Feb 2014 03:32:05 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1WCmHb-0001Sm-2U for bug-gnu-emacs@gnu.org; Mon, 10 Feb 2014 03:32:04 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Nikos Mavrogiannopoulos Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 10 Feb 2014 08:32:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 11267 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 11267-submit@debbugs.gnu.org id=B11267.13920211004887 (code B ref 11267); Mon, 10 Feb 2014 08:32:02 +0000 Original-Received: (at 11267) by debbugs.gnu.org; 10 Feb 2014 08:31:40 +0000 Original-Received: from localhost ([127.0.0.1]:39075 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCmHA-0001GC-KO for submit@debbugs.gnu.org; Mon, 10 Feb 2014 03:31:39 -0500 Original-Received: from mail-qc0-f175.google.com ([209.85.216.175]:34505) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WCmDu-0000cD-Qg; Mon, 10 Feb 2014 03:28:16 -0500 Original-Received: by mail-qc0-f175.google.com with SMTP id x13so10090595qcv.34 for ; Mon, 10 Feb 2014 00:28:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=mX1hM+/23+HWh1IO7PtQYC2toaOyoilG3lZe/ZOnmro=; b=nQ45SZDJuHPUGLqMZn6IWyg4bG9F2/dj3qM1DBmW9kqmksifZW7GscrP+7/JmQKiny c4l/mEh47v+DdJdJOwj0w2m0KzDribK96RYmCBOgyO7YbQLuuq470onXVcjEEZLDKF35 sAgti9C/H1SvXMV9ZS2A+yYX75GxSoa/tVhroYRHAYLBGK8SNLaUOIXm3YhVLLLlr9vA 2R4zyID0eP9TycFBeIbHCtZ9gTrQpMQsXl4y1T2B/vFHJAYqoOV7iSOcKm2ou5oO0EpX oK4hdwyeLlVDqe5P1BMYGcgfeLPqv77GCGAmbEVSLyEEczvhvQEp2gheZQqvoBTd0cU+ zV+A== X-Received: by 10.224.62.14 with SMTP id v14mr6679002qah.79.1392020889385; Mon, 10 Feb 2014 00:28:09 -0800 (PST) Original-Received: by 10.229.58.137 with HTTP; Mon, 10 Feb 2014 00:28:09 -0800 (PST) In-Reply-To: <21240.16957.410641.502622@gargle.gargle.HOWL> X-Mailman-Approved-At: Mon, 10 Feb 2014 03:31:32 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:85251 Archived-At: On Mon, Feb 10, 2014 at 4:06 AM, Roland Winkler wrote: > On Sun Feb 9 2014 Ted Zlatanov wrote: >> Roland, if you are satisfied with the direction taken in those >> bugs, we can probably close this one. > I am still a bit confused concerning a "reasonable minimal value" > for gnutls-min-prime-bits. Is 256 a value that I can feel > comfortable about? No. 256-bit DH is a bit harder than rot13 as encryption. I'd suggest not to set the minimum acceptable size and let gnutls decide instead. For broken servers that use very small sizes, you could disable the DHE ciphersuites as described in the previous mails. regards, Nikos