[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The SHA1 sunset
From: |
Lars Magne Ingebrigtsen |
Subject: |
Re: The SHA1 sunset |
Date: |
Mon, 04 Jan 2016 23:15:56 +0100 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.1.50 (gnu/linux) |
John Wiegley <address@hidden> writes:
>>>>>> Lars Magne Ingebrigtsen <address@hidden> writes:
>
>> On the fourth hand, we release Emacs so seldomly that we have to plan for
>> the future, so perhaps it should be in "medium" anyway.
>
> Yeah, that was my thinking.
Mm. I wonder what the percentage of TLS certificates are SHA-1 these
days... anybody have statistics?
A user just discovered that the (self-signed) certificate on
news.gmane.org is SHA-1, for instance. :-)
>> It would have been nice if Emacs had a way to retroactively change these
>> things. I mean, "push" very, very selective security-related updates on
>> users... Hm... could we imagine using the package system for doing security
>> updates? It would mean that Emacs would "call home" once in a while...
>
> Or associate your warnings with times, and after a certain date being
> proclaiming that doom is likely upon them.
:-)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- The SHA1 sunset, Lars Magne Ingebrigtsen, 2016/01/03
- Re: The SHA1 sunset, Eli Zaretskii, 2016/01/03
- Re: The SHA1 sunset, John Wiegley, 2016/01/03
- Re: The SHA1 sunset, Mike Gerwitz, 2016/01/03
- Re: The SHA1 sunset, Lars Magne Ingebrigtsen, 2016/01/04
- Re: The SHA1 sunset, Mike Gerwitz, 2016/01/05
- Re: The SHA1 sunset, Lars Magne Ingebrigtsen, 2016/01/05
- Re: The SHA1 sunset, Eli Zaretskii, 2016/01/04
Re: The SHA1 sunset, James Cloos, 2016/01/04