emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security


From: Eli Zaretskii
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Mon, 09 Jul 2018 20:15:13 +0300

> From: Lars Ingebrigtsen <address@hidden>
> Cc: Emacs-Devel devel <address@hidden>,  "Perry E. Metzger" <address@hidden>, 
>  Eli Zaretskii <address@hidden>,  Paul Eggert <address@hidden>,  
> address@hidden
> Date: Mon, 09 Jul 2018 15:43:43 +0200
> 
> Jimmy Yuen Ho Wong <address@hidden> writes:
> 
> > I thought about this, but there's no standard that bans TLS 1.1, nor
> > TLS client implementations that disabled it by default. Besides, all
> > the problems TLS 1.1 has is already checked by the other checks. This
> > reason I'm checking for TLS 1.0 is somewhat arbitrary, as all the
> > problems it has is already checked by other checks too. So maybe even
> > checking for 1.0 is already too strict, but PCI DSS does ban it, so...
> 
> For those who don't understand security acronym soup, the latter means
> "Payment Card Industry Data Security Standard".
> 
> And I don't think that's the level we should be considering for Emacs,
> even at the "high" level, because it's pretty...  excessive.  Last time
> I checked.

So maybe for 'paranoid'?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]