Re: Deprecate TLS1.0 support in emacs
From: Robert Pluim
Subject: Re: Deprecate TLS1.0 support in emacs
Date: Tue, 01 Aug 2017 17:12:53 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)

Lars Ingebrigtsen <address@hidden> writes:
> Paul Eggert <address@hidden> writes:
>
>> Last year I would have agreed, but nowadays I think it'd be better to
>> warn about TLS 1.0 somehow. According to
>> https://www.ssllabs.com/ssl-pulse/ from July 2016 to July 2017 TLS
>> v1.2 support climbed from 78.3% to 87.3%, whereas support for TLS v1.0
>> dropped from 97.3% to 93.4% as the higher-end sites tighten up
>> security. By the time the next version of Emacs comes out, it looks
>> like a mild warning about TLS v1.0 will be appropriate.
>
> Yes, I agree. eww, for instance, could remove the green URL when using
> TLS 1.0, etc. But the proposed NSM warning (which would make the user
> answer "y" to a direct question about the TLS-ness) is too heavy, in my
> opinion.

OK. I happen to like NSM, mainly because I like explicit and detailed
messages from my tools, rather than having them change visual
indicators, but mileage obviously varies.

> But having the warning on the `high' NSM setting is fine with me, and
> I'll see what I can do about removing green URLs from eww...

Is that an offer to commit my patch? :-)

There's 🔐 and 🔓 you can use if you feel like getting fancy. Changing
the colour of the URL doesn't speak to me very much.

> Other services, like SMTP/IMAP/etc will have to invent other
> "lightweight" ways to tell the user that the content is on the insecure
> side.

I'm not sure how you can signal that someone's SMTP/IMAP session is
using an insecure protocol without ending up back at NSM.

Robert