From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Lars Ingebrigtsen Newsgroups: gmane.emacs.bugs Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems Date: Tue, 26 Jun 2018 11:27:34 +0200 Message-ID: References: <87fu1apchn.fsf@gmail.com> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Trace: blaine.gmane.org 1530005173 14255 195.159.176.226 (26 Jun 2018 09:26:13 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Tue, 26 Jun 2018 09:26:13 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) Cc: 31946@debbugs.gnu.org, Jimmy Yuen Ho Wong To: Noam Postavsky Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Jun 26 11:26:09 2018 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fXkEi-0003ZY-IV for geb-bug-gnu-emacs@m.gmane.org; Tue, 26 Jun 2018 11:26:08 +0200 Original-Received: from localhost ([::1]:51338 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fXkGp-000177-P0 for geb-bug-gnu-emacs@m.gmane.org; Tue, 26 Jun 2018 05:28:19 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:39679) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fXkGb-00015f-Hk for bug-gnu-emacs@gnu.org; Tue, 26 Jun 2018 05:28:06 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fXkGY-0004PD-Co for bug-gnu-emacs@gnu.org; Tue, 26 Jun 2018 05:28:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:55970) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fXkGY-0004P1-8b for bug-gnu-emacs@gnu.org; Tue, 26 Jun 2018 05:28:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fXkGX-0007ki-Vn for bug-gnu-emacs@gnu.org; Tue, 26 Jun 2018 05:28:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 26 Jun 2018 09:28:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 31946 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security Original-Received: via spool by 31946-submit@debbugs.gnu.org id=B31946.153000526029772 (code B ref 31946); Tue, 26 Jun 2018 09:28:01 +0000 Original-Received: (at 31946) by debbugs.gnu.org; 26 Jun 2018 09:27:40 +0000 Original-Received: from localhost ([127.0.0.1]:35634 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fXkGC-0007k7-4j for submit@debbugs.gnu.org; Tue, 26 Jun 2018 05:27:40 -0400 Original-Received: from hermes.netfonds.no ([80.91.224.195]:47683) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fXkGA-0007jy-LI for 31946@debbugs.gnu.org; Tue, 26 Jun 2018 05:27:39 -0400 Original-Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories) by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1fXkG6-0007jU-93; Tue, 26 Jun 2018 11:27:36 +0200 Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAElBMVEX9ZQD+kAD+eADtFADW BgD4OgC8Ld+8AAACT0lEQVQ4jW2Uy5LjIAxFZRL2Nl3eAx7vHQv23YOyx3b0/78yEk6q011Dyg90 0NVFlANE2AafI58zJDhByS184AlKEoA/gLzKLwkoGWUq8SZ26hSVygce+VUCWaZ4UKlXWDzibpmB uc7MhjHPRMsHZMi8j8yBee+ZuwtmnwgT3EWh2pnB8u75qFaUj1QEzHbncfK2xhgAb9tiqyz6AzTP K35MEy7gocd1VQWeEpSDb8c4+mOBaEfJ2AVUOGTnund1LJYv4h2T7rk0UJ4NWtrOJZBIWiLRhFix tSnppqm8ge3MaTIJSZtIIo1ms9KMenB+5OMhhCARW4tw26rN8zTZ5ZItVwGIwJb464uJ5nS1n5dl XVoNkWLa1/XvleJ4/ZSG3IsVcNdeXqmYB9HjqtapDWk70TbSfZho7R8ENqlZAZ99om2mMjzo1kvi jIXb0S7S/X1O2F0lg8rWY3aXtPZwt5qRtIae0DYJQFxnBWWZKXcHLaP4kBMMB+4zmOghOIABoHMW TG/c0MsDwvD/8RO4+A0G9wbCC8jxh/cUpxOna+MvqSAx5+QWfoIYhiDr9fG7eIhRLxchvkiTdxqL DZjhSZo772M4ITTZl9m23ESFADEO7txLk3DnDaRXcYhaNnoGXe07NWAko4u6ySCbBeeN19oeAHZj TmNCg/P+9CSoRhO0iAvBtQQncpIA1WgZqROiC1GPx0RQqaq+FAkMahKeQ75XcdCd8Bmrujyzvhr1 J6tti1dun3cjYkMqw/OvRgjIVZ8Kxlt7Bu0LWPguqUPAP7QPtxAVUiQZAAAAAElFTkSuQmCC In-Reply-To: <87fu1apchn.fsf@gmail.com> (Noam Postavsky's message of "Mon, 25 Jun 2018 21:23:16 -0400") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:147832 Archived-At: Noam Postavsky writes: >>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 "https://d= h-small-subgroup.badssl.com/"=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ;; = fail >>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 "https://d= h-composite.badssl.com/"=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 ;; fail > > So these ones seem kind of problematic, as alluded to on emacs-devel. > It doesn't look like gnutls has an API to get or check the value of the > DH primes (calc-prime-test bails out when given a 1024 bit prime, so we > definitely need library support for this). But they may not that urgent, if I understand things correctly. Current Firefox, for instance, does not seem to warn about this. We could get in touch with the gnutls maintainer and ask for his input and perhaps ask for API endpoints to allow us to check for these things? --=20 (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no