From: Lars Ingebrigtsen <larsi@gnus.org>
To: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
Cc: 31946@debbugs.gnu.org, Noam Postavsky <npostavs@gmail.com>
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Wed, 27 Jun 2018 14:07:17 +0200 [thread overview]
Message-ID: <m3lgb0mo0a.fsf@gnus.org> (raw)
In-Reply-To: <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@mail.gmail.com> (Jimmy Yuen Ho Wong's message of "Wed, 27 Jun 2018 06:09:25 +0100")
Jimmy Yuen Ho Wong <wyuenho@gmail.com> writes:
> `(setq gnutls-log-level 999)` in Emacs currently doesn't tell me what
> KX algo was used , it just tells me AES-256-GCM was negotiated as a
> cipher. However,
To get the connection parameters, say something like:
(gnutls-peer-status (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls-parameters (cons 'gnutls-x509pki (gnutls-boot-parameters :hostname "dh-composite.badssl.com"))))
=>
(:certificates ((:version 3 :serial-number "01:f2:02:03:1d:fd:a9:8e:fd:ff:0f:72:be:51:06:0d" :issuer "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA" :valid-from "2017-03-18" :valid-to "2020-03-25" :subject "C=US,ST=California,L=Walnut Creek,O=Lucas Garron,CN=*.badssl.com" :public-key-algorithm "RSA" :certificate-security-level "Medium" :signature-algorithm "RSA-SHA256" :public-key-id "sha1:79:65:df:c9:3c:6a:e6:fe:83:81:ec:48:22:16:ec:44:ef:47:28:2a" :certificate-id "sha1:ca:53:08:74:6c:1e:06:44:d6:3a:f6:1b:f5:81:c7:2a:f9:0c:70:95") (:version 3 :serial-number "01:fd:a3:eb:6e:ca:75:c8:88:43:8b:72:4b:cf:bc:91" :issuer "C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Global Root CA" :valid-from "2013-03-08" :valid-to "2023-03-08" :subject "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA" :public-key-algorithm "RSA" :certificate-security-level "Medium" :signature-algorithm "RSA-SHA256" :public-key-id "sha1:51:bc:4f:77:17:08:cf:e5:09:dd:e9:ea:a5:54:8e:91:c0:67:78:53" :certificate-id "sha1:1f:b8:6b:11:68:ec:74:31:54:06:2e:8c:9c:c5:b1:71:a4:b7:cc:b4")) :certificate (:version 3 :serial-number "01:f2:02:03:1d:fd:a9:8e:fd:ff:0f:72:be:51:06:0d" :issuer "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA" :valid-from "2017-03-18" :valid-to "2020-03-25" :subject "C=US,ST=California,L=Walnut Creek,O=Lucas Garron,CN=*.badssl.com" :public-key-algorithm "RSA" :certificate-security-level "Medium" :signature-algorithm "RSA-SHA256" :public-key-id "sha1:79:65:df:c9:3c:6a:e6:fe:83:81:ec:48:22:16:ec:44:ef:47:28:2a" :certificate-id "sha1:ca:53:08:74:6c:1e:06:44:d6:3a:f6:1b:f5:81:c7:2a:f9:0c:70:95") :diffie-hellman-prime-bits 2047 :key-exchange "DHE-RSA" :protocol "TLS1.2" :cipher "AES-128-GCM" :mac "AEAD")
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
next prev parent reply other threads:[~2018-06-27 12:07 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-23 10:38 bug#31946: 27.0.50; The NSM should warn about more TLS problems Lars Ingebrigtsen
2018-06-24 13:43 ` Lars Ingebrigtsen
2018-06-26 1:23 ` Noam Postavsky
2018-06-26 4:11 ` Jimmy Yuen Ho Wong
2018-06-26 6:26 ` Jimmy Yuen Ho Wong
2018-06-26 12:44 ` Noam Postavsky
2018-06-26 14:38 ` Eli Zaretskii
2018-07-03 15:08 ` Lars Ingebrigtsen
2018-07-04 1:34 ` Noam Postavsky
2018-07-08 14:20 ` Lars Ingebrigtsen
2018-07-08 14:21 ` Lars Ingebrigtsen
2018-07-08 14:22 ` Lars Ingebrigtsen
2018-07-08 18:34 ` Lars Ingebrigtsen
2018-07-08 18:50 ` Noam Postavsky
2018-07-08 20:01 ` Lars Ingebrigtsen
2018-07-10 2:04 ` Noam Postavsky
2018-07-22 11:05 ` Lars Ingebrigtsen
2018-07-29 14:45 ` Noam Postavsky
2018-07-08 18:36 ` Lars Ingebrigtsen
2018-07-08 19:20 ` Lars Ingebrigtsen
2018-07-08 14:23 ` Lars Ingebrigtsen
2018-06-26 9:27 ` Lars Ingebrigtsen
2018-06-26 14:42 ` Eli Zaretskii
2018-06-27 0:45 ` Noam Postavsky
2018-06-27 5:09 ` Jimmy Yuen Ho Wong
2018-06-27 12:07 ` Lars Ingebrigtsen [this message]
2018-06-27 12:20 ` Lars Ingebrigtsen
2018-06-27 15:16 ` Eli Zaretskii
2018-06-27 16:40 ` Jimmy Yuen Ho Wong
2018-06-28 16:10 ` Lars Ingebrigtsen
2018-06-28 0:14 ` Noam Postavsky
2018-06-28 15:58 ` Jimmy Yuen Ho Wong
2018-06-28 16:15 ` Lars Ingebrigtsen
2018-06-28 16:42 ` Jimmy Yuen Ho Wong
2018-06-28 17:01 ` Lars Ingebrigtsen
2018-06-28 18:15 ` Jimmy Yuen Ho Wong
2018-06-29 5:21 ` Jimmy Yuen Ho Wong
2018-06-29 5:25 ` Jimmy Yuen Ho Wong
2018-06-30 17:28 ` Jimmy Yuen Ho Wong
2018-06-30 20:30 ` Noam Postavsky
2018-06-30 23:15 ` Jimmy Yuen Ho Wong
2018-06-30 23:35 ` Noam Postavsky
2018-07-01 15:01 ` Eli Zaretskii
2019-08-26 4:34 ` Lars Ingebrigtsen
2019-08-26 13:13 ` Andy Moreton
2019-08-26 16:07 ` Eli Zaretskii
2019-08-26 17:45 ` Andy Moreton
2019-08-26 18:12 ` Eli Zaretskii
2019-08-26 18:19 ` Andy Moreton
2019-08-26 19:36 ` Eli Zaretskii
2019-08-26 22:56 ` Andy Moreton
2019-08-27 7:23 ` Eli Zaretskii
2019-08-27 15:25 ` Andy Moreton
2019-08-27 15:50 ` Eli Zaretskii
2019-08-27 8:01 ` bug#31946: 27.0.50; GnuTLS still crashes on MinGW Markus Weber
2019-08-27 15:00 ` Eli Zaretskii
2019-08-27 15:50 ` Eli Zaretskii
2019-08-29 8:05 ` mw
2019-08-29 12:20 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m3lgb0mo0a.fsf@gnus.org \
--to=larsi@gnus.org \
--cc=31946@debbugs.gnu.org \
--cc=npostavs@gmail.com \
--cc=wyuenho@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.