[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Deprecate TLS1.0 support in emacs
From: |
Robert Pluim |
Subject: |
Re: Deprecate TLS1.0 support in emacs |
Date: |
Mon, 07 Aug 2017 11:54:22 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) |
Ted Zlatanov <address@hidden> writes:
> On Thu, 03 Aug 2017 23:17:13 -0400 Stefan Monnier <address@hidden> wrote:
>
> SM> I generally agree on the principle, but at the same time I wonder what
> SM> actions would make sense: there are basically 2 applicable actions, one
> SM> of which (contact the webmaster to suggest upgrading to a better
> SM> protocol) is difficult to automate.
>
> I would suggest these possible actions:
>
> * don't warn me about this site anymore and proceed (whitelist)
> * don't warn me about TLS 1.0 issues for (dropdown: 1 day, 3 days, 1 month)
> * don't warn me about this site for (dropdown: 1 day, 3 days, 1
> month)
I don't think I'd ever want this to be time-based. For me it's all
subsumed by this one:
> * proceed this once
since I'll want to revisit my decision the next time I connect,
whenever that is.
> * blacklist site as long as it uses TLS1.0; abort connection; never notify
> * blacklist TLS1.0 globally; abort all such connections; never notify
These seem a little drastic, even to me :-) You can achieve almost
this already by customizing gnutls-algorithm-priority
BTW, Debian unstable just started the process of removing support for
TLS1.0 *and* TLS1.1 from OpenSSL, I assume the equivalent GnuTLS
change is not far behind:
https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html
Regards
Robert
- Re: common Emacs notifications and alert.el (John W.) package (was: Deprecate TLS1.0 support in emacs), (continued)
- Re: Deprecate TLS1.0 support in emacs, Michael Albinus, 2017/08/04
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Richard Stallman, 2017/08/04
- Re: Deprecate TLS1.0 support in emacs, Ted Zlatanov, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Stefan Monnier, 2017/08/03
- Re: Deprecate TLS1.0 support in emacs, Ted Zlatanov, 2017/08/04
- Re: Deprecate TLS1.0 support in emacs, Lars Ingebrigtsen, 2017/08/04
- Re: Deprecate TLS1.0 support in emacs, Stefan Monnier, 2017/08/04
- Re: Deprecate TLS1.0 support in emacs,
Robert Pluim <=
- Re: Deprecate TLS1.0 support in emacs, Ted Zlatanov, 2017/08/10
- Re: Deprecate TLS1.0 support in emacs, Paul Eggert, 2017/08/10
- Re: Deprecate TLS1.0 support in emacs, Ted Zlatanov, 2017/08/11