From: Jimmy Yuen Ho Wong
Newsgroups: gmane.emacs.devel
Subject: Re: The netsec thread
Date: Fri, 20 Jul 2018 13:59:12 +0100
To: Lars Ingebrigtsen
Cc: Emacs-Devel devel

OMG my typing skills...

On Fri, Jul 20, 2018 at 1:55 PM, Jimmy Yuen Ho Wong wrote:
> Woooo I like this bikeshedding :) Thanks in advance for checking out
> the netsec branch. Just a heads up tho, I plan to push my OCSP stuff
> this weekend, let me know if you prefer me doing it before or after
> your review.
>
> About the issued to and issued by, there are a couple of reasons I
> just dumped out the whole DN, mainly because DV, OV and EV
> certs put different and sometimes irrelevant things in the RDNs. But
> obviously, the current iteration isn't ideal either. Perhaps I should sort
> the RDNs, and always output CN=...O=...OU=.... in that order, and
> properly wrap them.
>
> As to session info, I can probably merge the TLS extensions into a single line.
>
>
> On Fri, Jul 20, 2018 at 12:33 PM, Lars Ingebrigtsen wrote:
>> I still haven't looked at the code for the netsec branch, but I've got
>> that scheduled for Sunday. *crosses fingers*
>>
>> But that doesn't mean that we can't bikeshed some UI stuff in the
>> meantime. :-)
>>
>> Here's the current NSM info buffer:
>>
>>
>>
>> And here's Jimmy's new one:
>>
>>
>>
>> I like the underlining, indentation and *bullet points, but it's looking
>> like it's moving more in the direction of a TLS debugging buffer than
>> something that a user has much chance of understanding or navigating.
>> (The old one also has that problem, but to a lesser degree.)
>>
>> For instance, displaying the full x.50x/RFC4514 string is a turn-off and
>> looks like line noise to most people, I think. Breaking out the three
>> bits that are of interest, the CN from the issuer, the O from the
>> recipient, and the host name, is more readable. (Not to mention that
>> the strings are usually too long and will wrap on common
>> configurations.)
>>
>> And in the opposite direction, breaking out all the encryption stuff
>> into their own lines doesn't make much sense, I think. The session
>> details could be reserved for the `d'etails buffer. "Encrypt-then-MAC"
>> sounds so... internal. :-)
>>
>> The explanation line ("... is insecure ...") hasn't been folded
>> correctly, and it says "reasons" even if there's just one reason.
>>
>> The addition of the details is great:
>>
>>
>>
>> The keystrokes should be more standard, though: SPC for forward and DEL
>> for back (perhaps in addition to the one you've got). And I was unsure
>> what "quit" would do -- quit the entire connection or just the details
>> buffer?
>>
>> --
>> (domestic pets only, the antidote for overdose, milk.)
>> bloggy blog: http://lars.ingebrigtsen.no
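
The RDN ordering and wrapping proposed in this thread (CN, then O, then OU, one attribute per wrapped line), sketched as an added example; it is not code from the thread or from the netsec branch. The function names and the sample DN are constructed for illustration, and values are left in their escaped RFC 4514 form. The splitter honours backslash escapes so that a value such as `Example Corp\, Inc.` is not cut at its embedded comma and shown to the user as two attributes.

```python
import textwrap

# Display order proposed in the thread; other attribute types follow
# in the order the certificate gave them.
PREFERRED = ("CN", "O", "OU")

# Constructed sample: escaped comma in O, multi-valued OU RDN.
SAMPLE_DN = r"C=GB,L=London,O=Example Corp\, Inc.,OU=Web+OU=Ops,CN=www.example.org"


def split_unescaped(s, sep):
    """Split s on sep, skipping separators escaped with a backslash."""
    parts, cur, i = [], [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur.append(s[i:i + 2])  # keep the escape pair intact
            i += 2
            continue
        if s[i] == sep:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(s[i])
        i += 1
    parts.append("".join(cur))
    return parts


def parse_dn(dn):
    """Return [(type, value), ...]; '+' separates values of one RDN."""
    pairs = []
    for rdn in split_unescaped(dn, ","):
        for ava in split_unescaped(rdn, "+"):
            typ, sep, val = ava.lstrip().partition("=")
            if not sep or not typ:
                raise ValueError(f"malformed RDN component: {ava!r}")
            pairs.append((typ.strip().upper(), val))
    return pairs


def format_dn(dn, width=60, indent="  "):
    """Return display lines: CN, O, OU first, each attribute wrapped."""
    rank = {t: i for i, t in enumerate(PREFERRED)}
    # sorted() is stable, so non-preferred types keep certificate order.
    ordered = sorted(parse_dn(dn), key=lambda p: rank.get(p[0], len(PREFERRED)))
    lines = []
    for typ, val in ordered:
        lines.extend(textwrap.wrap(f"{typ}={val}", width=width,
                                   subsequent_indent=indent))
    return lines
```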