[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Eli Zaretskii
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Fri, 06 Jul 2018 15:41:30 +0300

> From: Stephen Berman <address@hidden>
> Cc: Robert Pluim <address@hidden>,  address@hidden
> Date: Fri, 06 Jul 2018 11:45:17 +0200
>   After setting gnutls-min-prime-bits to 1024 I no longer get this
>   warning.
> Given this, it seems reasonable to conclude that most Emacs users who
> continue to use the current default setting are aware of the risk, and
> those who have changed it haven't experienced a problem worth reporting.
> Therefore, changing the default at this time is not likely to cause a
> problem for most long-time users, and will be safer for all new users,
> and most likely unproblematic for them (and if it is a problem, then
> they will know the trade-off).

Thanks, but I don't see how can we deduce "most" from any such
reports.  And the users who have made such a setting don't need the
defaults to change anyway.

Not that "most" counts here, anyway: the whole point of prolonged
testing of modified defaults is to uncover those rare use cases where
the new values do some harm, and see whether we need to augment the
new settings with something.  I see no way around that, sorry, not
when a feature as basic as network connections is concerned.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]