Re: A couple of questions and concerns about Emacs network security

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From:	Eli Zaretskii
Subject:	Re: A couple of questions and concerns about Emacs network security
Date:	Sat, 23 Jun 2018 09:40:56 +0300

> From: Noam Postavsky <address@hidden>
> Date: Fri, 22 Jun 2018 22:17:56 -0400
> Cc: Lars Magne Ingebrigtsen <address@hidden>,
>       Jimmy Yuen Ho Wong <address@hidden>,
>       Emacs developers <address@hidden>
> 
> On 22 June 2018 at 18:43, Paul Eggert <address@hidden> wrote:
> > On 06/22/2018 03:00 PM, Jimmy Yuen Ho Wong wrote:
> >>
> >> 1. Can we update the default network security settings?
> >
> >
> > Yes, I would think so, in the master branch. As you say, the current
> > defaults are inappropriate for today's users.
> 
> Can we bump gnutls-min-prime-bits to 1024 on the release branch?

No, I don't think so.  Changing these settings needs a prolonged
testing period to uncover any subtle problems with non-conforming
servers that users must be able to access, and such testing is
unlikely to happen on emacs-26 before the next bug-fix release.

If we change this now on emacs-26, we should probably not release
Emacs 26.2 before a year goes by.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: A couple of questions and concerns about Emacs network security, (continued)

Prev by Date: Re: A couple of questions and concerns about Emacs network security
Next by Date: Re: A couple of questions and concerns about Emacs network security
Previous by thread: Re: A couple of questions and concerns about Emacs network security
Next by thread: Re: A couple of questions and concerns about Emacs network security
Index(es):
- Date
- Thread