[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Network security manager

From: Lars Magne Ingebrigtsen
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 18:28:26 +0100
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> LMI> 1) Drop certificate checking for images in shr.  I mean, do we care?
> I think we care.

What are the security implications of inserting an image from a source
we can't validate?  99% of the images aren't over TLS, anyway, and
aren't validated...

> LMI> 2) If being run from the async context (how do we check for that?),
> LMI> refuse to handle insecure TLS connections silently.
> Works for me, as long as the errors are reviewable in the NSM.  I should
> be able to go somewhere and hit a button "allow this cert from now on".

shr should really insert "broken image" markers into the buffers (and
"loading images"), and then the user could just hit RET on one of the
broken images and then get queried about the certificate

Which reminds me: We need a way to determine that Emacs is running
non-interactively as well as being run from an async context.  What's
the way to do that?

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]