[Emacs-diffs] netsec 023f4c6 2/6: Set standard value of `gnutls-min-primes-bits' to nil

[Jimmy Yuen Ho Wong]

branch: netsec
commit 023f4c60e9279b69be1dc7db83f69674ce1e1917
Author: Jimmy Yuen Ho Wong <address@hidden>
Commit: Jimmy Yuen Ho Wong <address@hidden>

    Set standard value of `gnutls-min-primes-bits' to nil
    
    * lisp/net/gnutls.el (gnutls-min-prime-bits): Set standard value to
      nil in order to let GnuTLS manage the minimum DH prime bits
      accepted.
---
 lisp/net/gnutls.el | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 8af34c2..e9d4802 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -117,10 +117,7 @@ The files may not exist, in which case they will be 
ignored."
   :type '(choice (function :tag "Function to produce list of bundle filenames")
                  (repeat (file :tag "Bundle filename"))))
 
-;;;###autoload
-(defcustom gnutls-min-prime-bits 256
-  ;; Several mail servers send fewer bits than the GnuTLS default.
-  ;; Currently, 256 appears to be a reasonable choice (Bug#11267).
+(defcustom gnutls-min-prime-bits nil
   "Minimum number of prime bits accepted by GnuTLS for key exchange.
 During a Diffie-Hellman handshake, if the server sends a prime
 number with fewer than this number of bits, the handshake is
@@ -136,7 +133,7 @@ network security is handled at a higher level via
 `open-network-stream' and the Network Security Manager.  See Info
 node `(emacs) Network Security'."
   :type '(choice (const :tag "Use default value" nil)
-                 (integer :tag "Number of bits" 512))
+                 (integer :tag "Number of bits" 2048))
   :group 'gnutls)
 
 (defcustom gnutls-crlfiles