[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.

From: Ted Zlatanov
Subject: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL.
Date: Fri, 24 Oct 2014 09:35:29 -0400
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (darwin)

On Thu, 23 Oct 2014 12:34:38 -0400 Richard Stallman <address@hidden> wrote: 

RS> I've read that falling back to ssl3 is a real security hole,
RS> being exploited frequently.  That feature should be removed.

That's not really relevant to the bug report, but with GnuTLS you use
priority strings to control this.  Nikos, the GnuTLS maintainer, asked
for feedback on disabling it in the default priority string in the
mailing list:


If you're using the Emacs GnuTLS integration, you simply set the
priority string through `gnutls-algorithm-priority' to what works for
you; for example "SECURE256:-VERS-SSL3.0". I'd rather wait for the final
decision from the GnuTLS maintainer than change the Emacs default.

If you're using the external s_client, you need to customize its
invocation accordingly.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]