bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#31946: 27.0.50; The NSM should warn about more TLS problems

From: Noam Postavsky
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Mon, 25 Jun 2018 21:23:16 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) 
Lars Ingebrigtsen <larsi@gnus.org> writes:

> There are also more protocol stuff we should warn about on various
> levels.  These should be on `high':

>>            "https://dh-small-subgroup.badssl.com/"        ;; fail
>>            "https://dh-composite.badssl.com/"             ;; fail

So these ones seem kind of problematic, as alluded to on emacs-devel.
It doesn't look like gnutls has an API to get or check the value of the
DH primes (calc-prime-test bails out when given a 1024 bit prime, so we
definitely need library support for this).

https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00805.html
https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00807.html
reply via email to
[Prev in Thread] Current Thread [Next in Thread]