From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/83657 Path: news.gmane.org!not-for-mail From: Eric Abrahamsen Newsgroups: gmane.emacs.gnus.general Subject: Re: failed decryption on gwene group? Date: Mon, 05 Aug 2013 10:54:33 +0800 Message-ID: <8761vkzw2e.fsf@ericabrahamsen.net> References: <87bo5f3p2c.fsf@ericabrahamsen.net> <87txj6stx7.fsf@lifelogs.com> <8761vm42s2.fsf@ericabrahamsen.net> <87k3k1sn5k.fsf@lifelogs.com> <87zjsxzegq.fsf@ericabrahamsen.net> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1375671280 16866 80.91.229.3 (5 Aug 2013 02:54:40 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 5 Aug 2013 02:54:40 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M31913@lists.math.uh.edu Mon Aug 05 04:54:42 2013 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1V6AwS-0000zY-95 for ding-account@gmane.org; Mon, 05 Aug 2013 04:54:40 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1V6Aw7-0007XP-DZ; Sun, 04 Aug 2013 21:54:19 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1V6Aw5-0007XD-JS for ding@lists.math.uh.edu; Sun, 04 Aug 2013 21:54:17 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) (envelope-from ) id 1V6Aw1-00041c-Ls for ding@lists.math.uh.edu; Sun, 04 Aug 2013 21:54:17 -0500 Original-Received: from plane.gmane.org ([80.91.229.3]) by quimby.gnus.org with esmtp (Exim 4.72) (envelope-from ) id 1V6Avz-0004FE-Nw for ding@gnus.org; Mon, 05 Aug 2013 04:54:11 +0200 Original-Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1V6Avy-00086T-U9 for ding@gnus.org; Mon, 05 Aug 2013 04:54:10 +0200 Original-Received: from 221.216.161.92 ([221.216.161.92]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 05 Aug 2013 04:54:10 +0200 Original-Received: from eric by 221.216.161.92 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 05 Aug 2013 04:54:10 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 52 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 221.216.161.92 User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3 (gnu/linux) Cancel-Lock: sha1:kyj5dA3jNBlgOLBXkMBGxfeVL30= X-Spam-Score: 2.0 (++) X-Spam-Report: SpamAssassin (3.3.1 2010-03-16) analysis follows Bayesian score: 0.0000 Ham tokens: 0.000-2312--14317h-0s--0d--H*u:Emacs, 0.000-736--4559h-0s--0d--H*u:Gnus, 0.000-693--4288h-0s--0d--H*UA:linux, 0.000-693--4287h-0s--0d--H*u:linux, 0.000-682--4223h-0s--0d--H*UA:gnu Spam tokens: 0.989-9524--613h-49385s--0d--HTo:D*gnus.org, 0.989-9909--652h-51453s--0d--HX-Spam-Relays-External:quimby.gnus.org, 0.989-9909--652h-51453s--0d--H*RU:quimby.gnus.org, 0.986-9740--822h-51455s--0d--HX-Spam-Relays-Internal:quimby.gnus.org, 0.986-9740--822h-51455s--0d--H*RT:80.91.231.51 Autolearn status: no 2.7 FSL_HELO_BARE_IP_2 FSL_HELO_BARE_IP_2 1.2 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.91.229.3 listed in list.dnswl.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:83657 Archived-At: Lars Magne Ingebrigtsen writes: > Eric Abrahamsen writes: > >> $ gnutls-cli -s -p 563 news.gmane.org >> Processed 157 CA certificate(s). >> Resolving 'news.gmane.org'... >> Connecting to '80.91.229.13:563'... >> >> - Simple Client Mode: >> >> Then it waits for a prompt. I'm not quite sure that's conclusive, >> though: I'm able to open most groups through this server, right now it >> only appears to be two or three gwene groups in particular that fail to >> decrypt properly... > > No, at that point it hasn't started doing anything encryption-ey, so > it's not conclusive. > > Port 563 isn't doing STARTTLS, but straight TLS. So drop the -s and see > what it says. Without the "-s" option I get an untrusted certificate error: $ gnutls-cli -p 563 news.gmane.org Processed 157 CA certificate(s). Resolving 'news.gmane.org'... Connecting to '80.91.229.13:563'... - Certificate type: X.509 - Got a certificate list of 1 certificates. - Certificate[0] info: - subject `C=NO,ST=Some-State,O=Gmane,CN=news.gmane.org', issuer `C=NO,ST=Some-State,O=Gmane,CN=news.gmane.org', RSA key 1024 bits, signed using RSA-SHA1, activated `2011-12-04 06:38:42 UTC', expires `2014-12-03 06:38:42 UTC', SHA-1 fingerprint `c0ec2f016cff4a43c1a7c7834b480b3ac54e90f9' Public Key Id: d21a01452b5a9b06106946930e64717869ff7ae0 Public key's random art: +--[ RSA 1024]----+ |=O+.ooo | |+*o+ . . | |= + + o | | . + = o | | . + + S | | . . = | | . + | | E . | | . | +-----------------+ - Status: The certificate is NOT trusted. The certificate issuer is unknown. *** Verifying server certificate failed... *** Fatal error: Error in the certificate. *** Handshake has failed GnuTLS error: Error in the certificate.