From: Vincent Bernat
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Builtin GnuTLS support and certificate verification
Date: Sun, 08 Dec 2013 09:39:23 +0100
Message-ID: <87y53v7n44.fsf@guybrush.luffy.cx>
In-Reply-To: <87vbz0vun4.fsf@flea.lifelogs.com> (Ted Zlatanov's message of "Sat, 07 Dec 2013 23:22:55 -0500")
To: ding@gnus.org

❦ 8 December 2013 05:22 CET, Ted Zlatanov :

>>> Verification options could be:
>>>
>>> - `expired-certificate`
>>> - `revoked-certificate`
>>> - `untrusted-certificate`
>>> - `hostname-mismatch`
>
> I'm not sure this granularity is necessary. I just have :trustfiles and
> :hostname as options right now.
> Anyone else with an opinion?

I thought you wanted something granular, hence the proposition. I don't
know of any other software proposing granular verification. So, no
problem with dropping this.

> My concern is that suddenly connections will start failing for our users
> and bug reports will flow, and I don't have time to explain to everyone
> why their self-signed certificates need exceptions. This can be really,
> really annoying. But logging in *Messages* is not very useful either,
> users don't read it. So what's the right thing? How about a default
> behavior of flashing a warning, then sit-for 3 seconds? A hard error
> can be optional but not the default.

For a first release, just default to the previous behaviour. However,
some day, it would be nice to be "secure by default".

> I'm also not sure I like the look and feel of the `gnutls-verify-error'
> defcustom. It's kind of awkward.

I don't know defcustom enough to know if this would give something like
this:

  '((".*\\.internal" :hostname)
    (".*" :trustfiles :hostname))

If yes, this seems fine to me. Just add the possible values for tags in
the documentation string.

> I'd like to get this done before the Emacs code freeze next week or so.
> Please give me your opinions and test the code.

I'll try to test later today.
-- 
panic("aha1740.c"); /* Goodbye */
        2.2.16 /usr/src/linux/drivers/scsi/aha1740.c
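
The alist shape sketched in the message above, written out as a defcustom whose docstring lists the tags, as an added example that is not part of the original post or of the Gnus/Emacs code. The names `my-tls-verify-error`, `my-tls-unanchored` and `my-tls-checks-for`, the `comm` group and the first-match rule are assumptions; the last forms show why the host regexps should be anchored.

```elisp
;;; Added illustration.  All `my-tls-' names are hypothetical and this is
;;; not the implementation discussed in the thread.
(require 'cl-lib)

(defcustom my-tls-verify-error
  ;; "\\'" anchors the first rule to the END of the host name.
  '(("\\.internal\\'" :hostname)
    (".*" :trustfiles :hostname))
  "Per-host TLS verification failures that abort the connection.
Each element has the form (REGEXP CHECK...).  The first element
whose REGEXP matches the host name selects the checks (assumed
semantics).  Possible CHECK values:

`:trustfiles'  the certificate chain must validate against the
               configured trust files.
`:hostname'    the certificate must match the host name."
  ;; (cons REGEXP (set ...)) yields ("re" :tag ...), i.e. exactly the
  ;; flat shape written in the message.
  :type '(repeat (cons (regexp :tag "Host regexp")
                       (set (const :trustfiles)
                            (const :hostname))))
  :group 'comm)

(defun my-tls-checks-for (host &optional rules)
  "Return the checks of the first rule in RULES whose regexp matches HOST.
RULES defaults to `my-tls-verify-error'.  Return nil if nothing matches."
  (let ((case-fold-search t))           ; host names are case-insensitive
    (cdr (cl-find-if (lambda (rule) (string-match-p (car rule) host))
                     (or rules my-tls-verify-error)))))

;; The value as written in the message (constructed sample input).
(defconst my-tls-unanchored
  '((".*\\.internal" :hostname)
    (".*" :trustfiles :hostname)))

;; `string-match-p' is a substring search, so with the unanchored value a
;; public name that merely contains ".internal" selects the relaxed rule
;; and loses the :trustfiles check:
(my-tls-checks-for "imap.internal.example.net" my-tls-unanchored)

;; With the anchored default the same name falls through to the ".*" rule
;; and keeps both checks; only names ending in ".internal" are relaxed:
(my-tls-checks-for "imap.internal.example.net")
(my-tls-checks-for "imap.corp.internal")
```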