GNU bug report logs - #16784
24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate

Previous Next

Packages: emacs, gnus;

Reported by: sb <at> dod.no

Date: Mon, 17 Feb 2014 17:52:01 UTC

Severity: normal

Tags: fixed

Found in version 24.3

Fixed in version 25.1

Done: Lars Magne Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Lars Magne Ingebrigtsen <larsi <at> gnus.org>
To: 16784 <at> debbugs.gnu.org
Subject: bug#16784: 24.3; Problems opening NNTP connection: failing starttls because of a non-verified certificate
Date: Mon, 24 Mar 2014 13:14:12 +0100

Steinar Bang <sb <at> dod.no> writes:

>>>>>> Lars Magne Ingebrigtsen <larsi <at> gnus.org>:
>
>> Ted Zlatanov <tzz <at> lifelogs.com> writes:
> SB> I would like one of the following solutions:
> SB> 1. The possibility to switch off the attempted upgrade to STARTTLS for
> SB> NNTP connections
>
>>> I think Lars has to give an opinion here.
>
>> I think we should always do encryption, even though we can't do validation.
>
> The reason I asked for this, is that if an ecryption I didn't ask for
> causes the connection to fail, I would like to be able to turn it off
> and have my unsafe connection.

Yeah, but I's saying that the connection shouldn't fail.  >"?  If you
didn't ask for encryption, but Emacs decides to do STARTTLS anyway, then
Emacs should not do identity validation.

Except perhaps just issue a message saying "couldn't validate TLS
identity" or something at the most.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
This bug report was last modified 10 years and 226 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.