From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/83423 Path: news.gmane.org!not-for-mail From: "Herbert J. Skuhra" Newsgroups: gmane.emacs.gnus.general Subject: Re: gnutls.c warning Date: Fri, 28 Jun 2013 00:53:01 +0200 Message-ID: <87li5vf9o2.wl%hskuhra@eumx.net> References: <87fvw57tx5.wl%hskuhra@eumx.net> <87li5x5qxp.fsf@thinkpad.tsdh.de> <874ncjqwjd.fsf@lifelogs.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Trace: ger.gmane.org 1372373710 11187 80.91.229.3 (27 Jun 2013 22:55:10 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 27 Jun 2013 22:55:10 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M31683@lists.math.uh.edu Fri Jun 28 00:55:09 2013 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1UsL5o-0002yy-D5 for ding-account@gmane.org; Fri, 28 Jun 2013 00:55:08 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1UsL4A-0006Nm-TJ; Thu, 27 Jun 2013 17:53:26 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1UsL49-0006Nd-L1 for ding@lists.math.uh.edu; Thu, 27 Jun 2013 17:53:25 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) (envelope-from ) id 1UsL47-0003tl-Ss for ding@lists.math.uh.edu; Thu, 27 Jun 2013 17:53:25 -0500 Original-Received: from eumx.net ([91.82.101.43] helo=owm.eumx.net) by quimby.gnus.org with esmtp (Exim 4.72) (envelope-from ) id 1UsL45-0005A5-VV for ding@gnus.org; Fri, 28 Jun 2013 00:53:22 +0200 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=eumx.net; h=date :message-id:from:to:subject:in-reply-to:references:mime-version :content-type; s=default; bh=AZTlemd7sVqcv3386tzrLMILtUA=; b=vrr xXXS/LxYsx16zNgX1KrInYcC/x2bqT59SnQwVVI4AtkoruwM1y37gf/wZ2fVK34R 9KZwhm+4NffViOuOQezNk6ZsNhmzfAdnoyLB39SZvLY6xMhFIlO2hKr1bzO8e5dm wlXmLkwyvc7Th4gSJ875Ti2rhq6O62+yzntNjzMU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=eumx.net; h=date:message-id :from:to:subject:in-reply-to:references:mime-version :content-type; q=dns; s=default; b=w51g2bctYww+KsCk/4uEJV2To/NQs e765I3/SwzdscqqAzAJL3M4PEC3uPY6LHQoe1Jx9dBPBGMxdyCIKTzxkUTwB9bDR WmHnRO5T5UQ/M0ovB7fMQq+iuEGPZ6YuKBLMgyPNCjLFaCDR4XrgP++aVK7m64/D quI2eGNbMPUQOg= In-Reply-To: <874ncjqwjd.fsf@lifelogs.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 EasyPG/1.0.0 Emacs/24.3.50 (i686-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) X-Spam-Score: -3.3 (---) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:83423 Archived-At: On Thu, 27 Jun 2013 13:43:34 -0400 Ted Zlatanov wrote: > On Wed, 26 Jun 2013 08:25:38 +0200 Tassilo Horn wrote: > > TH> "Herbert J. Skuhra" writes: > >>> I keep getting this warning, and can't find any way to turn it off. > >>> > >>> gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange > >>> has been lowered to 256 bits and this may allow decryption of the session data > > TH> Ditto. > > This is not coming from Emacs, actually. Shutting it up requires > lowering the gnutls.el verbosity level altogether. But the warning is > very important and should not be ignored. > > >>> Is there some setting to say ok, I understand, quit nagging me? > >> > >> After setting gnutls-min-prime-bits to 1024 I no longer get this > >> warning. > > TH> ,----[ C-h v gnutls-min-prime-bits RET ] > TH> | gnutls-min-prime-bits is a variable defined in `gnutls.el'. > TH> | Its value is 1024 > TH> | Original value was 256 > TH> | > TH> | Documentation: > TH> | Minimum number of prime bits accepted by GnuTLS for key exchange. > TH> | During a Diffie-Hellman handshake, if the server sends a prime > TH> | number with fewer than this number of bits, the handshake is > TH> | rejected. (The smaller the prime number, the less secure the > TH> | key exchange is against man-in-the-middle attacks.) > TH> | > TH> | A value of nil says to use the default GnuTLS value. > TH> `---- > > TH> Hm, what happens if the value is higher than what the server wants to > TH> provide? Connection error (fine)? Drop to an insecured connection > TH> (please no!)? Or do the servers automatically increase the bit number > TH> if a client rejects a handshake? > > (The below is AFAIK and please forgive any inaccuracies.) > > We rely on GnuTLS to DTRT. The DH handshake does not affect the > security of the session after it's established, so it would not create > an insecure connection. Its only purpose is to shake hands and exchange > identities. > > When the client (Emacs) and the server negotiate to 1024, for instance, > everything is kosher. They will try for the highest number. Will they? With gnutls-min-prime-bits = 256: gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange has been lowered to 256 bits and this may allow decryption of the session data With gnutls-min-prime-bits = 512: gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data The warning is gone if value is >= 768 or nil. -- Herbert