GNU bug report logs -
#15905
24.3; url-copy-file sometimes silently downloads garbage or incomplete file
Previous Next
Reported by: Ryan <rct <at> thompsonclan.org>
Date: Fri, 15 Nov 2013 16:14:02 UTC
Severity: normal
Tags: wontfix
Merged with 10504
Found in versions 24.0.90, 24.3
Done: Lars Ingebrigtsen <larsi <at> gnus.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Lars Magne Ingebrigtsen <larsi <at> gnus.org> writes:
> John Wiegley <jwiegley <at> gmail.com> writes:
>
>> Lars, what is the argument for rejecting external TLS programs, for and
>> against?
>
> I don't know what the pro argument is.
One of the pro arguments, of course, is choice.
>
> The argument against is that using external programs doesn't go through
> the Emacs network security manager, and TLS validation either has to be
> switched off ("--insecure") or switched on for all connections. Which
> is, of course, unacceptable.
You can use certificates with the -CApath argument to OpenSSL just like
GnuTLS uses trustfiles -- it doesn't have to be all or nothing.
I'm not suggesting that the ("--insecure") switch be the default but why
actively prevent users from using OpenSSL or any other external SSL/TLS
program if they choose to do so and go through the trouble of setting
it up for themselves?
No one is against having internal GnuTLS and NSM facilities as a
convenience and a security feature enabled and setup for users as
the default environment.
But please reconsider removing choice for users.
Thanks.
This bug report was last modified 9 years and 136 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.