[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems updating (M)Elpa packages
From: |
Stefan Monnier |
Subject: |
Re: Problems updating (M)Elpa packages |
Date: |
Sun, 22 Sep 2019 11:44:18 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
> The following issue occurs on two machines WiFi connected, one with W10 Home
> 64 and one with macOS (10.13). I do:
>
> Options - Manage Emacs packages
>
> a 'Network Security Manager' buffer shows up, containing 'Certificate
> information', saying that
>
> 'TLS connection to elpa.gnu.org:443 is insicure for the following reasons:
>
> safe renegotiation is not supported, connection not protected...'
Apparently this is a bug in Emacs, when TLS-1.3 is used Emacs complains
about the lack of support for "safe renegotiation", but that
functionality has been removed from TLS-1.3 so it's perfectly normal
that it's not supported.
> and ask to accept the connection
>
> Always
> no
> session only
> ...
The right answer is "always" ;-)
[ In any case, if you have GPG installed, the security is enforced by
checking GPG signatures already, so HTTPS mostly provides a bit of
privacy. ]
Stefan