bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate

all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Lars Magne Ingebrigtsen <larsi@gnus.org>
To: 16784@debbugs.gnu.org
Subject: bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate
Date: Mon, 24 Mar 2014 13:14:12 +0100	[thread overview]
Message-ID: <m361n3ztd7.fsf@stories.gnus.org> (raw)
In-Reply-To: <upzck3bnon6w.fsf@dod.no> (Steinar Bang's message of "Fri, 21 Mar 2014 11:33:59 +0100")

Steinar Bang <sb@dod.no> writes:

>>>>>> Lars Magne Ingebrigtsen <larsi@gnus.org>:
>
>> Ted Zlatanov <tzz@lifelogs.com> writes:
> SB> I would like one of the following solutions:
> SB> 1. The possibility to switch off the attempted upgrade to STARTTLS for
> SB> NNTP connections
>
>>> I think Lars has to give an opinion here.
>
>> I think we should always do encryption, even though we can't do validation.
>
> The reason I asked for this, is that if an ecryption I didn't ask for
> causes the connection to fail, I would like to be able to turn it off
> and have my unsafe connection.

Yeah, but I's saying that the connection shouldn't fail.  >"?  If you
didn't ask for encryption, but Emacs decides to do STARTTLS anyway, then
Emacs should not do identity validation.

Except perhaps just issue a message saying "couldn't validate TLS
identity" or something at the most.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

next prev parent reply	other threads:[~2014-03-24 12:14 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-17 17:50 bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate sb
2014-02-18 15:43 ` Ted Zlatanov
2014-03-20 14:48   ` Ted Zlatanov
2014-03-20 14:58     ` Lars Magne Ingebrigtsen
2014-03-21 10:23       ` Ted Zlatanov
2014-03-21 10:33       ` Steinar Bang
2014-03-24 12:14         ` Lars Magne Ingebrigtsen [this message]
2014-12-08 20:07 ` Lars Magne Ingebrigtsen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m361n3ztd7.fsf@stories.gnus.org \
    --to=larsi@gnus.org \
    --cc=16784@debbugs.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.