[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Network Security Manager merge time?

From: Ted Zlatanov
Subject: Re: Network Security Manager merge time?
Date: Tue, 25 Nov 2014 11:46:52 -0500
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)

On Tue, 25 Nov 2014 17:30:36 +0100 Lars Magne Ingebrigtsen <address@hidden> 

LMI> Ted Zlatanov <address@hidden> writes:
>> I think we should now do the following:
>> * deprecate `gnutls-verify-error' in favor of `network-security-level'
>> * to help the migration, map :trustfiles and :hostname to 'medium (IIUC)

LMI> I think that proper Professional Security Professionals won't trust that
LMI> us lowly Emacs developers can get something as sacred as this stuff
LMI> right, so they will still want to be able to instruct the gnutls library
LMI> to refuse connections directly.

But it will!  It will simply look at `network-security-level' instead of
the old variable.

>> * add the ability to set the `network-security-level' per hostname regex

LMI> I still don't see the use case.  :-) The only reason to bump the level
LMI> over `medium' is that the user is worried that the NSA is paying a rogue
LMI> CA to issue certificates for your bank, and if you are, you should be
LMI> running on `high' always.

OK, you may be right.  No need to overengineer it.

LMI> And `medium' is so unintrusive that I hope that nobody will feel the
LMI> need to run with `low'.  If they feel that need, then we've misdesigned
LMI> something.

Such an optimist, you are.

>> * put the 'gnutls customization group next to 'nsm under 'comm

LMI> Yeah, that would be nice.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]