Re: Network security manager

[Lars Magne Ingebrigtsen]

Lars Magne Ingebrigtsen <address@hidden> writes:

> I'm looking at print_cert in output.c in the gnutls ui stuff, and it's
> pretty long, but should be easy enough to adapt to Emacs.  But it's
> going to be quite a few lines of C code.

This is now implemented.

I've switched the NSM on in the nsm branch by default, and I'm now
properly warned about all the invalidly encrypted servers I'm talking
to.

So it kinda seems to work.  >"?

The only thing remaining is to have the queries be prettier.  They're
kinda messy at the moment, with too much unstructured information.

And bugs, of course.  But give the nsm branch a whirl and see whether it
works...

The related thing I was also going to implement is the "shouldn't this
connection be encrypted?" thing previously discussed.  That is, if
you're talking to an IMAP server, you most likely want that connection
to be encrypted, and if not, Emacs should tell you that it isn't.

This is trivial to implement in the NSM, but what should the defaults
be?

IMAP, POP3: I think most users would want to be warned here
SMTP, IRC: I don't think anybody cares
NNTP: They might care if they're sending a password

Uhm...  is that all the protocols?  I feel I'm forgetting one...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no