|From:||Jimmy Yuen Ho Wong|
|Subject:||Re: A couple of questions and concerns about Emacs network security|
|Date:||Sat, 23 Jun 2018 11:21:49 +0100|
> From: Noam Postavsky <address@hidden>
> Date: Fri, 22 Jun 2018 22:17:56 -0400
> Cc: Lars Magne Ingebrigtsen <address@hidden>,
> Jimmy Yuen Ho Wong <address@hidden>,
> Emacs developers <address@hidden>
> On 22 June 2018 at 18:43, Paul Eggert <address@hidden> wrote:
> > On 06/22/2018 03:00 PM, Jimmy Yuen Ho Wong wrote:
> >> 1. Can we update the default network security settings?
> > Yes, I would think so, in the master branch. As you say, the current
> > defaults are inappropriate for today's users.
> Can we bump gnutls-min-prime-bits to 1024 on the release branch?
No, I don't think so. Changing these settings needs a prolonged
testing period to uncover any subtle problems with non-conforming
servers that users must be able to access, and such testing is
unlikely to happen on emacs-26 before the next bug-fix release.
If we change this now on emacs-26, we should probably not release
Emacs 26.2 before a year goes by.
|[Prev in Thread]||Current Thread||[Next in Thread]|