[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violatio
From: |
Ted Zlatanov |
Subject: |
bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been detected. |
Date: |
Wed, 25 Jan 2012 14:29:14 -0600 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.92 (gnu/linux) |
On Sun, 17 Jul 2011 21:46:04 -0500 "Roland Winkler" <winkler@gnu.org> wrote:
RW> From the perspective of a user who doesn't know much about smtp, I
RW> agree with Stefan's previous message suggesting that it would be
RW> nice to get rid of the need to have customizations such as
RW> (setq gnutls-algorithm-priority "normal:-dhe-rsa")
RW> But from my perspective this may go on the wishlist.
I think we're saying that if the priority string generates this error:
gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been
detected.
we should at least tell the user "hey, maybe
(setq gnutls-algorithm-priority "normal:-dhe-rsa"
would work for you. Do you want to try it?"
I don't think it should be tried automatically. That's convenient but
insecure. The priority string above basically disables security.
If you agree about the prompting or have a better suggestion we can
unarchive this bug.
Ted
- bug#9017: 24.0.50; gnutls.c: [0] (Emacs) fatal error: Key usage violation in certificate has been detected.,
Ted Zlatanov <=