emacs-diffs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] master 01/01: * processes.texi (Network Security): Made in


From: Lars Ingebrigtsen
Subject: [Emacs-diffs] master 01/01: * processes.texi (Network Security): Made into its own section and fleshed out
Date: Mon, 24 Nov 2014 16:47:07 +0000

branch: master
commit 7f311629f0dc2b9f04acabb042347e1baf14fc23
Author: Lars Magne Ingebrigtsen <address@hidden>
Date:   Mon Nov 24 17:47:00 2014 +0100

    * processes.texi (Network Security): Made into its own section and fleshed 
out
---
 doc/lispref/ChangeLog      |    5 +++
 doc/lispref/elisp.texi     |    1 +
 doc/lispref/processes.texi |   85 ++++++++++++++++++++++++++++++++++++++-----
 3 files changed, 81 insertions(+), 10 deletions(-)

diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog
index 5cc85aa..3df6bfc 100644
--- a/doc/lispref/ChangeLog
+++ b/doc/lispref/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-24  Lars Magne Ingebrigtsen  <address@hidden>
+
+       * processes.texi (Network Security): Made into its own section and
+       fleshed out.
+
 2014-11-23  Lars Magne Ingebrigtsen  <address@hidden>
 
        * processes.texi (Network): Mention the new :warn-unless-encrypted
diff --git a/doc/lispref/elisp.texi b/doc/lispref/elisp.texi
index fa665da..754140e 100644
--- a/doc/lispref/elisp.texi
+++ b/doc/lispref/elisp.texi
@@ -1299,6 +1299,7 @@ Processes
 * System Processes::        Accessing other processes running on your system.
 * Transaction Queues::      Transaction-based communication with subprocesses.
 * Network::                 Opening network connections.
+* Network Security::        Managing the network security.
 * Network Servers::         Network servers let Emacs accept net connections.
 * Datagrams::               UDP network connections.
 * Low-Level Network::       Lower-level but more general function
diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi
index 3c9da5c..fcf5e8d 100644
--- a/doc/lispref/processes.texi
+++ b/doc/lispref/processes.texi
@@ -52,6 +52,7 @@ Processes}.
 * System Processes::         Accessing other processes running on your system.
 * Transaction Queues::       Transaction-based communication with subprocesses.
 * Network::                  Opening network connections.
+* Network Security::         Managing the network security.
 * Network Servers::          Network servers let Emacs accept net connections.
 * Datagrams::                UDP network connections.
 * Low-Level Network::        Lower-level but more general function
@@ -2072,25 +2073,89 @@ The connection type: @samp{plain} or @samp{tls}.
 
 @end defun
 
+
address@hidden Network Security
address@hidden Network Security
 @cindex Network Security Manager
-After establishing the connection, the connection is then passed on to
-the Network Security Manager (@acronym{NSM}).  If the connection is a
address@hidden or @acronym{STARTTLS} connection, the @acronym{NSM} will
-check whether the certificate used to establish the identity of the
-server we're connecting to can be verified.  If this can't be done,
-the @acronym{NSM} will query the user whether to proceed with the
address@hidden encryption
address@hidden SSL
address@hidden TLS
address@hidden STARTTLS
+
+After establishing a network connection, the connection is then passed
+on to the Network Security Manager (@acronym{NSM}).
+
address@hidden network-security-level
+The @code{network-security-level} variable determines the security
+level.  If this is @code{low}, no security checks are performed.
+
+If this variable is @code{medium} (which is the default), a number of
+checks will be performed.  If the @acronym{NSM} determines that the
+network connection might be unsafe, the user is made aware of this,
+and the @acronym{NSM} will ask the user what to do about the network
 connection.
 
 The user is given the choice of registering a permanent security
 exception, a temporary one, or whether to refuse the connection
 entirely.
 
+Below is a list of the checks done on the @code{medium} level.
+
address@hidden @asis
+
address@hidden unable to verify a @acronym{TLS} certificate
+If the connection is a @acronym{TLS}, @acronym{SSL} or
address@hidden connection, the @acronym{NSM} will check whether
+the certificate used to establish the identity of the server we're
+connecting to can be verified.
+
+While an invalid certificate is often the cause for concern (there may
+be a Man-in-the-Middle hijacking your network connection and stealing
+your password), there may be valid reasons for going ahead with the
+connection anyway.
+
+For instance, the server may be using a self-signed certificate, or
+the certificate may have expired.  It's up to the user to determine
+whether it's acceptable to continue the connection.
+
address@hidden a self-signed certificate has changed
+If you've previously accepted a self-signed certificate, but it has
+now changed, that either means that the server has just changed the
+certificate, or this might mean that the network connection has been
+hijacked.
+
address@hidden previously encrypted connection now unencrypted
 If the connection is unencrypted, but it was encrypted in previous
-sessions, the user will also be notified about this.
+sessions, this might mean that there is a proxy between you and the
+server that strips away @acronym{STARTTLS} announcements, leaving the
+connection unencrypted.  This is usually very suspicious.
+
address@hidden talking to an unencrypted service when sending a password
+When connecting to an @acronym{IMAP} or @acronym{POP3} server, these
+should usually be encrypted, because it's common to send passwords
+over these connections.  Similarly, if you're sending email via
address@hidden that requires a password, you usually want that
+connection to be encrypted.  If the connection isn't encrypted, the
address@hidden will warn you.
 
address@hidden network-security-level
-The @code{network-security-level} variable determines the security level.
-If this is @code{low}, no security checks are performed.
address@hidden table
+
+If @code{network-security-level} is @code{high}, the following checks
+will be made:
+
address@hidden @asis
address@hidden a validated certificate changes the public key
+Servers change their keys occasionally, and that is normally nothing
+to be concerned about.  However, if you are worried that your network
+connections are being hijacked by agencies who have access to pliable
+Certificate Authorities that issue new certificates for third-party
+services, you may want to keep track of these changes.
address@hidden table
+
+Finally, if @code{network-security-level} is @code{paranoid}, you will
+also be notified the first time the @acronym{NSM} sees any new
+certificate.  This will allow you to inspect all the certificates from
+all the connections that Emacs makes.
 
 
 @node Network Servers



reply via email to

[Prev in Thread] Current Thread [Next in Thread]