[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#15792: 24.3; Builtin TLS support should enable certificate verificat
From: |
Vincent Bernat |
Subject: |
bug#15792: 24.3; Builtin TLS support should enable certificate verification support by default |
Date: |
Sat, 02 Nov 2013 16:05:21 +0100 |
Hi!
New builtin TLS support disables certificate verification by
default. This is a very bad practice and the default should be to check
for certificate validity.
Moreover, the end-user of a package using this builtin support has no
easy way to enable the verification of TLS certificates. For example,
Gnus does not provide anything to enable this and as a simple user, it
seems quite difficult to ensure that certificates are verified. And each
package has the responsability to enable this option. This is
cumbersome.
Previously, enabling/disabling certificate verification was easy. You
set `tls-program` variable to something that checks or don't check for
certificates. For gnutls-client, this was a matter of using or not using
the `--insecure` switch.
I didn't find a way to disable the builtin TLS support (other than to
recompile Emacs).
I propose:
1. Verify the certificates by default.
2. Prompt the user if there is a problem.
3. Add the possibility to not check for certificates by default.
I can provide a patch for the first step but I have little Emacs-fu for
the other two parts (all the more that most of the code is in C).
--
Use variable names that mean something.
- The Elements of Programming Style (Kernighan & Plauger)
- bug#15792: 24.3; Builtin TLS support should enable certificate verification support by default,
Vincent Bernat <=