GNU bug report logs - #16784
24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate

Previous Next

Packages: gnus, emacs;

Reported by: sb <at> dod.no

Date: Mon, 17 Feb 2014 17:52:01 UTC

Severity: normal

Tags: fixed

Found in version 24.3

Fixed in version 25.1

Done: Lars Magne Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Lars Magne Ingebrigtsen <larsi <at> gnus.org>
To: sb <at> dod.no
Cc: 16784 <at> debbugs.gnu.org
Subject: bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate
Date: Thu, 20 Mar 2014 15:58:02 +0100

Ted Zlatanov <tzz <at> lifelogs.com> writes:

> SB> I would like one of the following solutions:
> SB> 1. The possibility to switch off the attempted upgrade to STARTTLS for
> SB> NNTP connections
>
> I think Lars has to give an opinion here.

I think we should always do encryption, even though we can't do validation.

> So basically customize that variable and add :trustfiles and :hostname
> for the respective verifications, or nil to disable them.

When doing opportunistic upgrades (where the user hasn't asked for the
connection to be encrypted), bothering the user with warnings about not
being able to establish the identity of the server doesn't make much
sense.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
This bug report was last modified 10 years and 226 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.