bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits

From:	Lars Magne Ingebrigtsen
Subject:	bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits
Date:	Mon, 08 Dec 2014 20:43:40 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)

Tassilo Horn <tsdh@gnu.org> writes:

> When TLS support landed and Gnus used it, I frequently had messages like
> "the Diffie-Hellman prime has been lowered to XXX bits" for XXX being
> 256(?) or something like that.  Then I've set
>
>   (setq gnutls-min-prime-bits 2048)
>
> and everything worked smoothly, I got no warning messages, and I felt
> more secure.  Well, until today.  When I fired up Gnus today, I got this
> error for my Fastmail IMAP account:
>
> 20130809T100721.075> Opening connection to mail.messagingengine.com via tls...
> gnutls.c: [0] (Emacs) fatal error: The Diffie-Hellman prime sent by the 
> server is not acceptable (not long enough).

That's what you asked it to do, so it's not a bug.  However, the NSM
just got a Diffie-Hellman check, so that can be used instead.  So I'm
closing this bug report.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

[Prev in Thread]

Current Thread

[Next in Thread]

bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits, Lars Magne Ingebrigtsen <=

Prev by Date: bug#19153: 25.0.50; The NSM should warn when there are too few prime bits
Next by Date: bug#17660: 24.3; gnutls-min-prime-bits is 256
Previous by thread: bug#19153: 25.0.50; The NSM should warn when there are too few prime bits
Next by thread: bug#17660: 24.3; gnutls-min-prime-bits is 256
Index(es):
- Date
- Thread