[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A couple of questions and concerns about Emacs network security
From: |
Jimmy Yuen Ho Wong |
Subject: |
Re: A couple of questions and concerns about Emacs network security |
Date: |
Mon, 9 Jul 2018 18:24:03 +0100 |
On Mon, Jul 9, 2018 at 6:15 PM Eli Zaretskii <address@hidden> wrote:
>
> > From: Lars Ingebrigtsen <address@hidden>
> > Cc: Emacs-Devel devel <address@hidden>, "Perry E. Metzger"
> > <address@hidden>, Eli Zaretskii <address@hidden>, Paul Eggert
> > <address@hidden>, address@hidden
> > Date: Mon, 09 Jul 2018 15:43:43 +0200
> >
> > Jimmy Yuen Ho Wong <address@hidden> writes:
> >
> > > I thought about this, but there's no standard that bans TLS 1.1, nor
> > > TLS client implementations that disabled it by default. Besides, all
> > > the problems TLS 1.1 has is already checked by the other checks. This
> > > reason I'm checking for TLS 1.0 is somewhat arbitrary, as all the
> > > problems it has is already checked by other checks too. So maybe even
> > > checking for 1.0 is already too strict, but PCI DSS does ban it, so...
> >
> > For those who don't understand security acronym soup, the latter means
> > "Payment Card Industry Data Security Standard".
> >
> > And I don't think that's the level we should be considering for Emacs,
> > even at the "high" level, because it's pretty... excessive. Last time
> > I checked.
>
> So maybe for 'paranoid'?
Nooooooo...... enough with this 'paranoid business already :(
As I've replied to Robert and a few others already, the checks I have
done is already multi-layered. Under normal circumtances, warning for
TLS 1.0 should already takes care of checking of CBC mode
ciphers/encrypt-then-MAC (if the server was configured correctly when
TLS 1.0 was in vogue), but I check both regardless. The checks are
already plenty paranoid without being crying-wolf under a vast
majority normal usage.
- Re: A couple of questions and concerns about Emacs network security, (continued)
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/07
- Re: A couple of questions and concerns about Emacs network security, Robert Pluim, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Lars Ingebrigtsen, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security,
Jimmy Yuen Ho Wong <=
- Re: A couple of questions and concerns about Emacs network security, Perry E. Metzger, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Perry E. Metzger, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Perry E. Metzger, 2018/07/09
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/06
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/06
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/06
- Re: A couple of questions and concerns about Emacs network security, Eli Zaretskii, 2018/07/07
- Re: A couple of questions and concerns about Emacs network security, Lars Ingebrigtsen, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Jimmy Yuen Ho Wong, 2018/07/08
- Re: A couple of questions and concerns about Emacs network security, Lars Ingebrigtsen, 2018/07/08