GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Sat, 23 Jun 2018 10:39:02 UTC

Severity: normal

Tags: fixed, security

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 31946 <at> debbugs.gnu.org, wyuenho <at> gmail.com, npostavs <at> gmail.com
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Thu, 28 Jun 2018 18:10:49 +0200

Eli Zaretskii <eliz <at> gnu.org> writes:

>> (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)
>> 
>> a short way to write the above.  I.e., the default TLS parameters (which
>> is what you need in 99.9% of the cases) would be used if you just say
>> :tls t.
>> 
>> Does that sound OK to you, Eli?
>
> Sounds good, but does it really require a new property?  Why not a
> special value of the existing :tls-parameters?  For example:
>
>   (open-network-stream "foo" nil "dh-composite.badssl.com" "https"
>                        :tls-parameters 'tls-defaults)

Yes, that would work, too.

But I think (considering the semantics and discoverability of the
interface), that a separate :tls parameter would be nice.  If the user
wonders "how do I make this connection encrypted?  Ah, :tls t".  It
seems like a logical interface.

For instance in constructions like

(open-network-stream ... :tls (and foo bar))

it seems more idiomatic. 

While :tls-parameters 'tls-defaults is something that seems less natural
to me.  :tls t :tls-parameters ... for the extremely, extremely few that
need to specify the parameters explicitly doesn't seem like a huge
imposition, either...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




This bug report was last modified 5 years and 328 days ago.