[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The netsec thread
|
From: |
Robert Pluim |
|
Subject: |
Re: The netsec thread |
|
Date: |
Wed, 04 Sep 2019 21:34:16 +0200 |
>>>>> On Wed, 04 Sep 2019 15:12:14 +0200, Lars Ingebrigtsen <address@hidden>
>>>>> said:
Lars> Robert Pluim <address@hidden> writes:
>> - (let ((unsafe-renegotiation (not (plist-get status
:safe-renegotiation))))
>> - (and unsafe-renegotiation
>> - (format-message
>> - "safe renegotiation is not supported, connection not
protected from impersonators"))))
>> + (when (string-version-lessp (plist-get status :protocol) "TLS1.3")
>> + (let ((unsafe-renegotiation (not (plist-get status
:safe-renegotiation))))
>> + (and unsafe-renegotiation
>> + (format-message
>> + "safe renegotiation is not supported, connection not
protected from impersonators")))))
Lars> After Paul's patch, I think it would make sense to just check for
Lars> whether :safe-renegotiation is present at all, and not check for
Lars> protocol version here. I.e., use `plist-member' first.
Sure. Paul, did you want me to push your patch as well?
Robert
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread, Paul Eggert, 2019/09/03
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread, Paul Eggert, 2019/09/03
- Re: The netsec thread, Robert Pluim, 2019/09/03
- Re: The netsec thread, Lars Ingebrigtsen, 2019/09/04
- Re: The netsec thread,
Robert Pluim <=
- Re: The netsec thread, Paul Eggert, 2019/09/04
- Re: The netsec thread, Robert Pluim, 2019/09/04
- Re: The netsec thread, Robert Pluim, 2019/09/05
- Re: The netsec thread, Paul Eggert, 2019/09/05
- Re: The netsec thread, Robert Pluim, 2019/09/05
- Re: The netsec thread, Lars Ingebrigtsen, 2019/09/04