Re: A couple of questions and concerns about Emacs network security

[Eli Zaretskii]

> From: Jimmy Yuen Ho Wong <address@hidden>
> Date: Sun, 8 Jul 2018 15:58:45 +0100
> Cc: Lars Ingebrigtsen <address@hidden>, Emacs-Devel devel <address@hidden>
> > > But, yes, as Eli says, `paranoid' should perhaps do more for non-TLS
> > > connections.  The question is "what", though, because there's no
> > > fingerprint (beyond the host/port number) that we can use to verify
> > > that a non-TLS connection is to a previously seen host.
> >
> > We could look at the browsers for inspiration, perhaps?
> 
> Browsers have only 1 security level

I meant for inspiration about what non-TLS checks can be relevant.
Whether they should be on 'paranoid' or lower is a separate question.