Re: A couple of questions and concerns about Emacs network security

[Jimmy Yuen Ho Wong]

> > so I think it's better just to not say anything.  Or just "what nil
> > means depends on the GnuTLS version".
>
> Problem is, I cannot find this number in the GnuTLS documentation,
> either.  Maybe I'm blind; but if not, it means our users have no
> reasonable way of knowing how many bits they are using, and that is
> not good, IMO.
>

It's not in the documentation, it's in the src/gnutls.c line
1834-1835. It's also in the docstring of `gnutls-min-prime-bits`.

> > Users aren't supposed to care about that variable, anyway, since the NSM
> > warns about less than 1024 bits...
>
> Yes, but what if GnuTLS bumps the default to more than that?  And even
> if not, I think I might like to know how far below 1024 I'm going to
> be if I allow the connection.

See my other email for a way out of this. Once you've caught
GNUTLS_E_DH_PRIME_UNACCEPTABLE, you can still call
gnutls_dh_get_prime_bits to get the prime bits the server sends back
out. I think this is already done, we just need to catch
GNUTLS_E_DH_PRIME_UNACCEPTABLE so gnutls_verify_boot doesn't
immediately return.