[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Deprecate TLS1.0 support in emacs
From: |
Robert Pluim |
Subject: |
Re: Deprecate TLS1.0 support in emacs |
Date: |
Tue, 01 Aug 2017 14:02:25 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) |
Robert Pluim <address@hidden> writes:
> Richard Stallman <address@hidden> writes:
>
>> I agree -- our software should not absolutely refuse to communicate
>> a way that we judge risky. We should explain the situation and state
>> how to enable that method (perhaps with a user option).
>>
>
> OK. NSM provides the requisite infrastructure for that already, we
> just have to enable some more checking. Here's an initial patch, we
> can now decide exactly which checks we should do at medium security
> level, and update the manuals. Personally I feel we should warn for
> ssl, tls1.0, tls1.1, RC4, and SHA1. Diffie-Hellman I'm not too sure
> about, although I'll note that Google Chrome switched to 1024 bits two
> years ago.
Ping? I'd like to improve the default communication security settings
of Emacs, the current state is too insecure for my liking.
Regards
Robert
- Re: Deprecate TLS1.0 support in emacs,
Robert Pluim <=
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Paul Eggert, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Robert Pluim, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Stefan Monnier, 2017/08/01
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Stefan Monnier, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Ted Zlatanov, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Eli Zaretskii, 2017/08/04