[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Lars Ingebrigtsen
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sun, 08 Jul 2018 16:06:39 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Geez!  So many emails in this thread all of a sudden...

I think it sounds like Jimmy is very much on the right track, so that's
great.  (I haven't actually looked at the code yet.)  Batching up the
warnings so you don't get double-prompting sounds very nice, for
instance, and handling the certificate things and the encryption
primitives warnings in "one batch" sounds good.

But here's some comments after reading all the 5000 messages in this

1) I don't think the `paranoid' setting is security theatre.  It's not a
useful setting for general browsing, but if your use case is that you
only use Emacs for, say, talking with your IMAP server, and that's it,
and you're worried that you may somehow end up talking with the wrong
server, and you're, er, paranoid (perhaps with good reason), then
that's the setting for you.

But, yes, as Eli says, `paranoid' should perhaps do more for non-TLS
connections.  The question is "what", though, because there's no
fingerprint (beyond the host/port number) that we can use to verify
that a non-TLS connection is to a previously seen host.

2) The `gnutls-min-prime-bits' documentation is unclear:


 This function sets the number of bits, for use in a Diffie-Hellman
 key exchange. This is used both in DH ephemeral and DH anonymous
 cipher suites. This will set the minimum size of the prime that will
 be used for the handshake.

 In the client side it sets the minimum accepted number of bits.


I thought that it set the minimum number of bits (like it says in the
last sentence), but it would use however many bits the server allows.
The first sentence seems to contradict this, and that this sets an
upper as well as lower bound on the number of bits, which is pretty
horrific, if that's the case...  But I don't think it is, because
I get ":diffie-hellman-prime-bits 2047" when connecting to a DH host.

So there's no need to worry about the `gnutls-min-prime-bits'
setting.  The NSM handles the problem.

3) emacs -Q should ignore the NSM settings (and not save anything)

Other than that, I'm just waiting for Jimmy's code to show up in an
Emacs branch, and I'll probably have more comments.

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]