From: Lars Magne Ingebrigtsen
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Built-in TLS vs. nnimap security
Date: Thu, 06 Oct 2011 23:23:01 +0200
To: ding@gnus.org
References: <87pqkgf7pw.fsf@silenus.orebokech.com> <87ty7vlnsh.fsf@lifelogs.com>
In-Reply-To: <87ty7vlnsh.fsf@lifelogs.com> (Ted Zlatanov's message of "Thu, 29 Sep 2011 04:07:26 -0500")
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux)
Xref: news.gmane.org gmane.emacs.gnus.general:80182

Ted Zlatanov writes:

> We need the callbacks for custom certificate verification, but what
> Romain describes simply needs the :verify-flags, :verify-error, and
> :verify-hostname-error flags to `gnutls-negotiate'.
> `open-gnutls-stream' doesn't pass them currently.  So the question is,
> should they be:
>
> 1) always enabled, and the user has to Customize to turn them off per
> host or globally
>
> 2) always disabled, and the user has to Customize to turn them on per
> host or globally
>
> 3) when connecting to an unknown hostname, the user is asked and then we
> save the results

I think the user should be queried if the certificate is "wrong".  I.e.,
if it's for the wrong hostname or expired and stuff like that.  And then
we should save the result.

> Similarly we should make the :priority-string and :min-prime-bits
> customizable per host, right now they are global as you and Lawrence
> Mitchell implemented them.
>
> Similarly we should have a way to set :trustfiles, :crlfiles, and
> :keylist per host or globally.  For all these settings I don't know if
> (1) or (2) or (3) is the best approach.

Yeah, the per-host storage thing is slightly tricky...

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/
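The sketch below is an added example, not code from this thread, from Gnus or from Emacs. It shows one way to wire the `:verify-error` and `:verify-hostname-error` keywords of `gnutls-negotiate' into a per-host table, strict by default (choice 1), with the prompt-and-remember behaviour Lars describes (choice 3) when verification of a host's certificate fails. It assumes the Emacs 24 `gnutls.el' interface discussed in the message (`gnutls-negotiate' taking those keywords, `open-gnutls-stream' being `open-network-stream' followed by `gnutls-negotiate'); the `my-' prefixed variable and function names, and the host names in the sample table, are constructed for the example.

```elisp
;; Added example: per-host TLS verification settings for gnutls-negotiate.
;; Names prefixed `my-' and the sample hosts are constructed, not Emacs code.
(require 'gnutls)

(defcustom my-gnutls-host-settings
  '(("imap.example.com"   :verify-error t   :verify-hostname-error t
                          :min-prime-bits 1024)
    ("legacy.example.net" :verify-error nil :verify-hostname-error nil))
  "Per-host overrides for `gnutls-negotiate' keywords (constructed sample).
Each entry is (HOST . PLIST); PLIST is spliced into the `gnutls-negotiate' call."
  :type '(alist :key-type string :value-type plist)
  :group 'gnutls)

(defvar my-gnutls-default-settings
  '(:verify-error t :verify-hostname-error t)
  "Settings for hosts with no entry: verify chain and hostname, fail closed.")

(defun my-gnutls-settings-for (host)
  "Return the plist of verification keywords to use when connecting to HOST."
  (or (cdr (assoc host my-gnutls-host-settings))
      my-gnutls-default-settings))

(defun my-gnutls-remember-exception (host)
  "Record that the user accepted an unverifiable certificate for HOST.
The exception is saved through Customize so it survives restarts."
  (push (cons host '(:verify-error nil :verify-hostname-error nil))
        my-gnutls-host-settings)
  (customize-save-variable 'my-gnutls-host-settings my-gnutls-host-settings))

(defun my-open-gnutls-stream (name buffer host service)
  "Like `open-gnutls-stream', but pass per-host verification settings.
If verification fails and this host has no stored exception, ask the user
once; a `yes' is remembered per host, a `no' re-signals the error."
  (let ((settings (my-gnutls-settings-for host)))
    (condition-case err
        (apply #'gnutls-negotiate
               :process (open-network-stream name buffer host service)
               :type 'gnutls-x509pki
               :hostname host
               settings)
      (error
       (if (and (plist-get settings :verify-error)
                (yes-or-no-p
                 (format "Certificate for %s failed verification (%s).  Connect anyway and remember? "
                         host (error-message-string err))))
           (progn
             (my-gnutls-remember-exception host)
             ;; Retry with the stored (relaxed) settings for this host.
             (my-open-gnutls-stream name buffer host service))
         ;; Either already relaxed and still failing, or the user declined.
         (signal (car err) (cdr err)))))))
```

A stored exception only disables verification for that one host, so a later mismatch on a different server still fails closed; auditing `my-gnutls-host-settings` in the saved customizations shows exactly which hosts have been exempted.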