[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Jimmy Yuen Ho Wong
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sat, 23 Jun 2018 11:21:49 +0100

On Sat, Jun 23, 2018 at 7:40 AM, Eli Zaretskii <address@hidden> wrote:
> From: Noam Postavsky <address@hidden>
> Date: Fri, 22 Jun 2018 22:17:56 -0400
> Cc: Lars Magne Ingebrigtsen <address@hidden>,
>       Jimmy Yuen Ho Wong <address@hidden>,
>       Emacs developers <address@hidden>
> On 22 June 2018 at 18:43, Paul Eggert <address@hidden> wrote:
> > On 06/22/2018 03:00 PM, Jimmy Yuen Ho Wong wrote:
> >>
> >> 1. Can we update the default network security settings?
> >
> >
> > Yes, I would think so, in the master branch. As you say, the current
> > defaults are inappropriate for today's users.
> Can we bump gnutls-min-prime-bits to 1024 on the release branch?

No, I don't think so.  Changing these settings needs a prolonged
testing period to uncover any subtle problems with non-conforming
servers that users must be able to access, and such testing is
unlikely to happen on emacs-26 before the next bug-fix release.

If we change this now on emacs-26, we should probably not release
Emacs 26.2 before a year goes by.

I don't understand this. Just because a small amount of people need 256 bit default to connect to some non-conforming servers, you think the trade-off should be to use a default that put the vast majority of Emacs users at risk out of the box?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]