[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Deprecate TLS1.0 support in emacs

From: Robert Pluim
Subject: Re: Deprecate TLS1.0 support in emacs
Date: Tue, 01 Aug 2017 15:01:24 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)

Lars Ingebrigtsen <address@hidden> writes:

> Robert Pluim <address@hidden> writes:
>> Ping? I'd like to improve the default communication security settings
>> of Emacs, the current state is too insecure for my liking.
> My feeling, as I think I said, is that it's premature to warn about
> things like TLS1.0 in an intrusive manner.  There's too many sites out
> there that still use that protocol, and warning too much is no help for
> our users.

There are still many sites like that, but if we don't warn people
about them, there will never be any pressure on their owners to
upgrade to TLS1.2, or stop using SHA-1, or increase DH key size.

How about warning as in my patch, but only at network-security-level
>= high? And revisit the level later?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]