From: "Herbert J. Skuhra" <hskuhra@eumx.net>
To: ding@gnus.org
Subject: Re: gnutls.c warning
Date: Fri, 28 Jun 2013 00:53:01 +0200
Message-ID: <87li5vf9o2.wl%hskuhra@eumx.net>
In-Reply-To: <874ncjqwjd.fsf@lifelogs.com>

On Thu, 27 Jun 2013 13:43:34 -0400
Ted Zlatanov <tzz@lifelogs.com> wrote:
> On Wed, 26 Jun 2013 08:25:38 +0200 Tassilo Horn <tsdh@gnu.org> wrote:
>
> TH> "Herbert J. Skuhra" <hskuhra@eumx.net> writes:
> >>> I keep getting this warning, and can't find any way to turn it off.
> >>>
> >>> gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
> >>> has been lowered to 256 bits and this may allow decryption of the session data
>
> TH> Ditto.
>
> This is not coming from Emacs, actually. Shutting it up requires
> lowering the gnutls.el verbosity level altogether. But the warning is
> very important and should not be ignored.
>
> >>> Is there some setting to say ok, I understand, quit nagging me?
> >>
> >> After setting gnutls-min-prime-bits to 1024 I no longer get this
> >> warning.
>
> TH> ,----[ C-h v gnutls-min-prime-bits RET ]
> TH> | gnutls-min-prime-bits is a variable defined in `gnutls.el'.
> TH> | Its value is 1024
> TH> | Original value was 256
> TH> |
> TH> | Documentation:
> TH> | Minimum number of prime bits accepted by GnuTLS for key exchange.
> TH> | During a Diffie-Hellman handshake, if the server sends a prime
> TH> | number with fewer than this number of bits, the handshake is
> TH> | rejected. (The smaller the prime number, the less secure the
> TH> | key exchange is against man-in-the-middle attacks.)
> TH> |
> TH> | A value of nil says to use the default GnuTLS value.
> TH> `----
>
> TH> Hm, what happens if the value is higher than what the server wants to
> TH> provide? Connection error (fine)? Drop to an insecured connection
> TH> (please no!)? Or do the servers automatically increase the bit number
> TH> if a client rejects a handshake?
>
> (The below is AFAIK and please forgive any inaccuracies.)
>
> We rely on GnuTLS to DTRT. The DH handshake does not affect the
> security of the session after it's established, so it would not create
> an insecure connection. Its only purpose is to shake hands and exchange
> identities.
>
> When the client (Emacs) and the server negotiate to 1024, for instance,
> everything is kosher. They will try for the highest number.

Will they?

With gnutls-min-prime-bits = 256:

gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
has been lowered to 256 bits and this may allow decryption of the session data

With gnutls-min-prime-bits = 512:

gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
has been lowered to 512 bits and this may allow decryption of the session data

The warning is gone if value is >= 768 or nil.

--
Herbert
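
Added example (not part of the original message, and not Emacs or GnuTLS code): a Python scan of saved *Messages* text for the GnuTLS note quoted above, tolerant of the line wrap seen in the mail, listing which lowered Diffie-Hellman minimums fall under a floor. The floor default of 1024 (the value reported earlier in the thread as silencing the warning), the function names and the sample text are assumptions made for this example.

```python
import re
from collections import Counter

# Wording of the note as quoted in the thread. Joining the words with \s+
# tolerates the wrap after "key exchange" seen in the mail.
_WORDS = ("Note that the security level of the Diffie-Hellman key exchange "
          "has been lowered to").split()
DH_NOTE = re.compile(
    r"gnutls\.c:\s*\[(\d+)\]\s+"
    + r"\s+".join(re.escape(w) for w in _WORDS)
    + r"\s+(\d+)\s+bits"
)

# Constructed sample: the two notes from the thread plus filler lines.
SAMPLE = """\
(constructed filler line: connection attempt 1)
gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
has been lowered to 256 bits and this may allow decryption of the session data
(constructed filler line: connection attempt 2)
gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data
gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
has been lowered to 256 bits and this may allow decryption of the session data
"""

def find_dh_notes(text):
    """Return [(line_number, bits), ...] for every DH-lowered note in text."""
    hits = []
    for m in DH_NOTE.finditer(text):
        line_no = text.count("\n", 0, m.start()) + 1  # 1-based start line
        hits.append((line_no, int(m.group(2))))
    return hits

def report(text, floor=1024):
    """Summarise the notes; `floor` is this example's assumed minimum."""
    hits = find_dh_notes(text)
    return {
        "counts": dict(Counter(bits for _, bits in hits)),
        "below_floor": [(ln, bits) for ln, bits in hits if bits < floor],
        "weakest": min((bits for _, bits in hits), default=None),
    }

if __name__ == "__main__":
    summary = report(SAMPLE)
    for line_no, bits in summary["below_floor"]:
        print(f"line {line_no}: DH minimum lowered to {bits} bits")
    print("weakest:", summary["weakest"])
```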