emacs-diffs

[Emacs-diffs] emacs-26 3302b7c: Mention the NSM in the gnutls variable d


From: Lars Ingebrigtsen
Subject: [Emacs-diffs] emacs-26 3302b7c: Mention the NSM in the gnutls variable doc strings
Date: Sun, 8 Jul 2018 09:59:31 -0400 (EDT)

branch: emacs-26
commit 3302b7cd7f0afe9144cec2343902488fbe02d415
Author: Lars Ingebrigtsen <address@hidden>
Commit: Lars Ingebrigtsen <address@hidden>

    Mention the NSM in the gnutls variable doc strings
    
    * gnutls.el (gnutls-algorithm-priority): Mention the Network
    Security Manager here since this variable is an obvious place
    for people concerned about network security to look.
    (gnutls-verify-error): Ditto.
    (gnutls-min-prime-bits): Ditto.
---
 lisp/net/gnutls.el | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 85c9308..4cc1f5f 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -46,7 +46,13 @@
 (defcustom gnutls-algorithm-priority nil
   "If non-nil, this should be a TLS priority string.
 For instance, if you want to skip the \"dhe-rsa\" algorithm,
-set this variable to \"normal:-dhe-rsa\"."
+set this variable to \"normal:-dhe-rsa\".
+
+This variable can be useful for modifying low-level TLS
+connection parameters (for instance if you need to connect to a
+host that only accepts a specific algorithm), but general Emacs
+network security is handled by the Network Security Manager.  See
+Info node `(emacs) Network Security'."
   :group 'gnutls
   :type '(choice (const nil)
                  string))
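Review bot: The use case in the added paragraph of the `gnutls-algorithm-priority' doc string ("a host that only accepts a specific algorithm") is about enabling or forcing an algorithm, but the only example the doc string gives, \"normal:-dhe-rsa\", removes one. Reword the use case to match the example, or show what a string for that case looks like. The phrase "general Emacs network security is handled by the Network Security Manager" could also be read as saying that this setting has no security effect. A short clause stating that the priority string still decides what is negotiated on the connection would avoid that reading.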
@@ -72,7 +78,13 @@ corresponding conditions to be tested are:
 If the condition test fails, an error will be signaled.
 
 If the value of this variable is t, every connection will be subjected
-to all of the tests described above."
+to all of the tests described above.
+
+The default value of this variable is nil, which means that no
+checks are performed at the gnutls level.  Instead the checks are
+performed via `open-network-stream' at a higher level by the
+Network Security Manager.  See Info node `(emacs) Network
+Security'."
   :group 'gnutls
   :version "24.4"
   :type '(choice
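Review bot: The added paragraph in the `gnutls-verify-error' doc string says the checks happen "via `open-network-stream' at a higher level", but leaves open what happens to connections that do not go through `open-network-stream'. Since the same paragraph says nil means "no checks are performed at the gnutls level", it should state explicitly whether such connections are left unverified, so that callers of the lower-level functions know whether they need to set this variable themselves. Stating the default as nil in the doc string also duplicates the defcustom value, which is outside this hunk, and will need updating if that default ever changes.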
@@ -111,7 +123,14 @@ number with fewer than this number of bits, the handshake 
is
 rejected.  \(The smaller the prime number, the less secure the
 key exchange is against man-in-the-middle attacks.)
 
-A value of nil says to use the default GnuTLS value."
+A value of nil says to use the default GnuTLS value.
+
+The default value of this variable is such that virtually any
+connection can be established, whether this connection can be
+considered cryptographically \"safe\" or not.  However, Emacs
+network security is handled at a higher level via
+`open-network-stream' and the Network Security Manager.  See Info
+node `(emacs) Network Security'."
   :type '(choice (const :tag "Use default value" nil)
                  (integer :tag "Number of bits" 512))
   :group 'gnutls)
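Review bot: In the `gnutls-min-prime-bits' doc string, the new paragraph refers to "the default value of this variable" right after the sentence "A value of nil says to use the default GnuTLS value", so the reader cannot tell whether the permissive default being described is nil (and therefore whatever GnuTLS chooses) or a specific bit count. The defcustom's default is not visible in this hunk, and the :type form shows 512 only as the integer choice's initial value. Name the actual default in the text. The quoted \"safe\" is also vague: saying that the default does not reject small primes would tie the warning to the parenthetical just above about smaller primes being less secure.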


