|
From: | Noam Postavsky |
Subject: | bug#31946: 27.0.50; The NSM should warn about more TLS problems |
Date: | Mon, 25 Jun 2018 21:23:16 -0400 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Lars Ingebrigtsen <larsi@gnus.org> writes: > There are also more protocol stuff we should warn about on various > levels. These should be on `high': >> "https://dh-small-subgroup.badssl.com/" ;; fail >> "https://dh-composite.badssl.com/" ;; fail So these ones seem kind of problematic, as alluded to on emacs-devel. It doesn't look like gnutls has an API to get or check the value of the DH primes (calc-prime-test bails out when given a 1024 bit prime, so we definitely need library support for this). https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00805.html https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00807.html
[Prev in Thread] | Current Thread | [Next in Thread] |