From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/83861
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Builtin GnuTLS support and certificate verification
Date: Mon, 11 Nov 2013 10:45:44 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @
 Cienfuegos
Message-ID: <87r4anhrh3.fsf@flea.lifelogs.com>
References: <87iowbt5dq.fsf@guybrush.luffy.cx>
	<878ux782na.fsf@dex.adm.naquadah.org>
	<874n7uu2gg.fsf@guybrush.luffy.cx> <87txftsnub.fsf@flea.lifelogs.com>
	<m3zjpkndsd.fsf@neo.luffy.cx> <87li13q3dy.fsf@flea.lifelogs.com>
	<87a9hjaj2d.fsf@guybrush.luffy.cx>
Reply-To: ding@gnus.org
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Trace: ger.gmane.org 1384184735 12895 80.91.229.3 (11 Nov 2013 15:45:35 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Mon, 11 Nov 2013 15:45:35 +0000 (UTC)
To: ding@gnus.org
Original-X-From: ding-owner+M32117@lists.math.uh.edu Mon Nov 11 16:45:39 2013
Return-path: <ding-owner+M32117@lists.math.uh.edu>
Envelope-to: ding-account@gmane.org
Original-Received: from util0.math.uh.edu ([129.7.128.18])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <ding-owner+M32117@lists.math.uh.edu>)
	id 1VftgF-0004Or-Ez
	for ding-account@gmane.org; Mon, 11 Nov 2013 16:45:35 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu)
	by util0.math.uh.edu with smtp (Exim 4.63)
	(envelope-from <ding-owner+M32117@lists.math.uh.edu>)
	id 1Vftg8-0002mj-PR; Mon, 11 Nov 2013 09:45:28 -0600
Original-Received: from mx2.math.uh.edu ([129.7.128.33])
	by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.63)
	(envelope-from <ding-account@m.gmane.org>)
	id 1Vftg7-0002mX-LN
	for ding@lists.math.uh.edu; Mon, 11 Nov 2013 09:45:27 -0600
Original-Received: from quimby.gnus.org ([80.91.231.51])
	by mx2.math.uh.edu with esmtps (TLSv1:AES128-SHA:128)
	(Exim 4.76)
	(envelope-from <ding-account@m.gmane.org>)
	id 1Vftg6-0003PX-7E
	for ding@lists.math.uh.edu; Mon, 11 Nov 2013 09:45:27 -0600
Original-Received: from plane.gmane.org ([80.91.229.3])
	by quimby.gnus.org with esmtp (Exim 4.80)
	(envelope-from <ding-account@m.gmane.org>)
	id 1Vftg4-00063x-RI
	for ding@gnus.org; Mon, 11 Nov 2013 16:45:24 +0100
Original-Received: from list by plane.gmane.org with local (Exim 4.69)
	(envelope-from <ding-account@m.gmane.org>)
	id 1Vftfx-00043q-Ng
	for ding@gnus.org; Mon, 11 Nov 2013 16:45:17 +0100
Original-Received: from c-98-229-61-72.hsd1.ma.comcast.net ([98.229.61.72])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <ding@gnus.org>; Mon, 11 Nov 2013 16:45:17 +0100
Original-Received: from tzz by c-98-229-61-72.hsd1.ma.comcast.net with local (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <ding@gnus.org>; Mon, 11 Nov 2013 16:45:17 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: ding@gnus.org
Original-Lines: 41
Original-X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: c-98-229-61-72.hsd1.ma.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)
Cancel-Lock: sha1:+cE79yZpuxx6s+ylaXyKnedyCUk=
X-Spam-Score: -1.9 (-)
List-ID: <ding.gnus.org>
Precedence: bulk
Xref: news.gmane.org gmane.emacs.gnus.general:83861
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/83861>

On Mon, 04 Nov 2013 23:38:50 +0100 Vincent Bernat <bernat@luffy.cx> wrote: 

VB>  ❦  4 novembre 2013 22:10 CET, Ted Zlatanov <tzz@lifelogs.com> :
VB> So, for me, there should be only one verification algorithm. We are not
VB> in the ideal case for this because we only have one algorithm but its
VB> name does not exactly describe it.
>> 
VB> Maybe you could just alias verify-error and verify-hostname-error and
VB> say in the documentation that they do the same and that
VB> verify-hostname-error will be removed at some point?
>> 
>> I think :verify-error should be a list; when it contains 'x509-hostname
>> then we behave like :verify-hostname-error does now, for backwards
>> compatibility.  But otherwise we'll add extra checks to the list, not as
>> top-level options to `gnutls-boot'.  It's easy to put a Customize
>> interface on top of that.

VB> When you say x509-hostname, do you mean "by default"? If yes, I
VB> agree.

Yes.  I think.  How would you like it to look?

VB> But I suppose you would have to implement a "confirm on error"
VB> option. I cannot propose myself to implement that since I have
VB> absolutely no clue on how Emacs Lisp interface with C.

I'm interested in your opinion.  How would you expect Emacs (on the
GnuTLS C level or on the Gnus level) to handle these cases, and how
would you control them with customizable variables?

- expired cert
- hostname mismatch
- self-signed cert, first time seen
- cert mismatch

In general we have the problem of asking questions in the middle of
establishing a network connection.  This is not easy with Emacs, whose
interactive ELisp layer is too complicated to be reliably called from
the C layer.  So all of the above have to work without user interaction.

Ted