[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.

From: Ted Zlatanov
Subject: Re: [PATCH RFC] GnuTLS: Support TOFU certificate checking.
Date: Wed, 08 Oct 2014 11:37:31 -0400
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.50 (darwin)

On Wed, 08 Oct 2014 17:31:33 +0200 Lars Magne Ingebrigtsen <address@hidden> 

LMI> Ted Zlatanov <address@hidden> writes:
>> What about `emacs --batch'? That change would affect the URL retrieval
>> code and thus unattended package installs for instance. Do you just
>> reject certificates in batch mode? Or add a `--tofu-accept=SERVER_REGEX'
>> option to Emacs for batch mode?

LMI> If the user can't answer questions, the default would be to reject
LMI> invalid certificates.

They are not necessarily invalid. But yeah, I agree that's reasonable
behavior as long as it's noted loudly (with a possible remedy in the


reply via email to

[Prev in Thread] Current Thread [Next in Thread]