GNU bug report logs - #13374
24.?; open-gnutls-stream insecurity

Previous Next

Package: emacs;

Reported by: Oleksii Shevchuk <alxchk <at> gmail.com>

Date: Mon, 7 Jan 2013 16:53:02 UTC

Severity: important

Merged with 13877, 15792

Found in version 24.3

Done: Ted Zlatanov <tzz <at> lifelogs.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ted Zlatanov <tzz <at> lifelogs.com>
To: Glenn Morris <rgm <at> gnu.org>, Moritz Ulrich <moritz <at> tarn-vedra.de>
Cc: 13374 <at> debbugs.gnu.org, 13877 <at> debbugs.gnu.org
Subject: bug#13374: bug#13877: 24.3; gnutls.el: Enable Certificate Checks
Date: Wed, 27 Mar 2013 09:20:46 -0400

On Thu, 14 Mar 2013 08:19:09 -0400 Ted Zlatanov <tzz <at> lifelogs.com> wrote: 

TZ> On Tue, 05 Mar 2013 11:51:33 -0500 Glenn Morris <rgm <at> gnu.org> wrote: 
GM> Moritz Ulrich wrote:
>>> Currently, gnutls.el doesn't check certificate signatures when used via
>>> `open-network-stream' with :type 'tls or `open-gnutls-stream'.

GM> Please see http://debbugs.gnu.org/13374
GM> It was considered too complicated to fix this properly for 24.3.

TZ> I would like to fix this properly now that 24.3 is out, but perhaps the
TZ> emacs-devel mailing list is a better place to work on it?

I started the discussion in emacs-devel.  Please contribute your ideas
and opinions.

Ted

This bug report was last modified 11 years and 157 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #13374 24.?; open-gnutls-stream insecurity

GNU bug report logs - #13374
24.?; open-gnutls-stream insecurity