[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The SHA1 sunset

From: Lars Magne Ingebrigtsen
Subject: Re: The SHA1 sunset
Date: Mon, 04 Jan 2016 23:15:56 +0100
User-agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.1.50 (gnu/linux)

John Wiegley <address@hidden> writes:

>>>>>> Lars Magne Ingebrigtsen <address@hidden> writes:
>> On the fourth hand, we release Emacs so seldomly that we have to plan for
>> the future, so perhaps it should be in "medium" anyway.
> Yeah, that was my thinking.

Mm.  I wonder what the percentage of TLS certificates are SHA-1 these
days...  anybody have statistics?

A user just discovered that the (self-signed) certificate on
news.gmane.org is SHA-1, for instance.  :-)

>> It would have been nice if Emacs had a way to retroactively change these
>> things. I mean, "push" very, very selective security-related updates on
>> users... Hm... could we imagine using the package system for doing security
>> updates? It would mean that Emacs would "call home" once in a while...
> Or associate your warnings with times, and after a certain date being
> proclaiming that doom is likely upon them.


(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]