[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Robert Pluim
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Fri, 06 Jul 2018 11:35:54 +0200

Eli Zaretskii <address@hidden> writes:

>> From: Robert Pluim <address@hidden>
>> Cc: "Perry E. Metzger" <address@hidden>,  address@hidden,  address@hidden,  
>> address@hidden,  address@hidden,  address@hidden
>> Date: Fri, 06 Jul 2018 10:36:54 +0200
>> > Anyway, it seems you completely miss my point: I didn't say that we
>> > shouldn't increase the number of bits, just that we shouldn't do that
>> > on the release branch, unless we are willing to delay Emacs 26.2
>> > significantly.
>> FWIW, Iʼve had gnutls-min-prime-bits set to 1024 since 2014-11-25, and
>> have seen no adverse effects from it, so I donʼt think the risk is
>> that great.
> Thanks for the data point.
> Unfortunately, our experience is that use patterns vary widely between
> different Emacs users, and so problem-free experience of a single
> individual, or even several people, is not enough to be sure there are
> no significant issues.  And TLS secured connections are central to
> many Emacs features.

TLS is central to many of life's interactions now, unfortunately.

> Emacs 26.2 is supposed to have fewer significant bugs than Emacs 26.1,
> so we must be careful if we make changes that could bring new
> problems.

Yes. Would you be willing to try changing it on master?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]