Re: A couple of questions and concerns about Emacs network security

[Lars Ingebrigtsen]

Eli Zaretskii <address@hidden> writes:

> Allow me a few comments, with an eye towards getting at least some of
> this to the emacs-26 branch:
>
>  . First, the NEWS entry should tell users how to get the previous
>    (less secure) behavior if they want.  I think this also calls for a
>    better documentation of the elements that can appear in
>    network-security-protocol-checks.
>
>  . The change to gnutls-peer-status is not reflected in its doc string
>    and is not called out in NEWS.

Yes, true.  I'll do that later this week.

>  . Do I understand correctly that most of the changes, including those
>    in gnutls.c, are so that intermediary certificates could be
>    verified?  If so, would it make sense to omit that for emacs-26,
>    and only beef up the medium level of security in NSM with the rest
>    of the checks?

Yes, that is definitely a possibility.  The nsm.el changes should be
safe to backport (after they've been in master for a couple of weeks so
that people can test them), while the gnutls.c change might be more
dangerous.

However, the thing that's protecting against (a SHA1 intermediate
certificate (oops, I see I've called it "intermediary" in the code and
doc; I'll fix that now)) is, I seem to remember, now being considered a
realistic attack (i.e., you can generate valid-looking fake certificates
based on one).

Or do I misremember?  I tried googling now, and I couldn't find anybody
actually achieving that yet...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no