[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A couple of questions and concerns about Emacs network security
From: |
Jimmy Yuen Ho Wong |
Subject: |
Re: A couple of questions and concerns about Emacs network security |
Date: |
Mon, 9 Jul 2018 19:10:09 +0100 |
On Mon, Jul 9, 2018 at 7:05 PM Eli Zaretskii <address@hidden> wrote:
>
> > From: Jimmy Yuen Ho Wong <address@hidden>
> > Date: Mon, 9 Jul 2018 18:38:14 +0100
> > Cc: Lars Ingebrigtsen <address@hidden>, Emacs-Devel devel <address@hidden>
> > This is what (setq gnutls-min-prime-bits nil) means:
> >
> > https://github.com/emacs-mirror/emacs/blob/master/src/gnutls.c#L1854
>
> This still doesn't tell me what nil means:
>
> prime_bits = Fplist_get (proplist, QCmin_prime_bits);
> [...]
> if (INTEGERP (prime_bits))
> gnutls_dh_set_prime_bits (state, XUINT (prime_bits));
>
> If prime_bits is nil, we do nothing with it. We only use it if it is
> an integer.
Yep. By not setting it from the Emacs's side, it means the DH prime
bits is controlled by the priority string, and GnuTLS will do the
right thing accordingly. It also means the min prime bit is GnuTLS
version dependent.
"Note that since 3.1.7 this function is deprecated. The minimum number
of bits is set by the priority string level. Also this function must
be called after gnutls_priority_set_direct() or the set value may be
overridden by the selected priority options."
https://www.gnutls.org/reference/gnutls-gnutls.html#gnutls-dh-set-prime-bits
- Re: A couple of questions and concerns about Emacs network security, (continued)
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Lars Ingebrigtsen, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security,
Jimmy Yuen Ho Wong <=
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/10
- Re: A couple of questions and concerns about Emacs network security, Lars Ingebrigtsen, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Robert Pluim, 2018/07/09