[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] netsec 023f4c6 2/6: Set standard value of `gnutls-min-prim
From: |
Jimmy Yuen Ho Wong |
Subject: |
[Emacs-diffs] netsec 023f4c6 2/6: Set standard value of `gnutls-min-primes-bits' to nil |
Date: |
Sat, 14 Jul 2018 13:08:09 -0400 (EDT) |
branch: netsec
commit 023f4c60e9279b69be1dc7db83f69674ce1e1917
Author: Jimmy Yuen Ho Wong <address@hidden>
Commit: Jimmy Yuen Ho Wong <address@hidden>
Set standard value of `gnutls-min-primes-bits' to nil
* lisp/net/gnutls.el (gnutls-min-prime-bits): Set standard value to
nil in order to let GnuTLS manage the minimum DH prime bits
accepted.
---
lisp/net/gnutls.el | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 8af34c2..e9d4802 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -117,10 +117,7 @@ The files may not exist, in which case they will be
ignored."
:type '(choice (function :tag "Function to produce list of bundle filenames")
(repeat (file :tag "Bundle filename"))))
-;;;###autoload
-(defcustom gnutls-min-prime-bits 256
- ;; Several mail servers send fewer bits than the GnuTLS default.
- ;; Currently, 256 appears to be a reasonable choice (Bug#11267).
+(defcustom gnutls-min-prime-bits nil
"Minimum number of prime bits accepted by GnuTLS for key exchange.
During a Diffie-Hellman handshake, if the server sends a prime
number with fewer than this number of bits, the handshake is
@@ -136,7 +133,7 @@ network security is handled at a higher level via
`open-network-stream' and the Network Security Manager. See Info
node `(emacs) Network Security'."
:type '(choice (const :tag "Use default value" nil)
- (integer :tag "Number of bits" 512))
+ (integer :tag "Number of bits" 2048))
:group 'gnutls)
(defcustom gnutls-crlfiles
- [Emacs-diffs] branch netsec created (now fab6139), Jimmy Yuen Ho Wong, 2018/07/14
- [Emacs-diffs] netsec 023f4c6 2/6: Set standard value of `gnutls-min-primes-bits' to nil,
Jimmy Yuen Ho Wong <=
- [Emacs-diffs] netsec fab6139 6/6: Show full issuer and subject distinguished names, Jimmy Yuen Ho Wong, 2018/07/14
- [Emacs-diffs] netsec 534a3d5 3/6: Revamp Network Security manager checks for TLS, Jimmy Yuen Ho Wong, 2018/07/14
- [Emacs-diffs] netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Jimmy Yuen Ho Wong, 2018/07/14
- [Emacs-diffs] netsec 87484dc 5/6: Full certificate chain details for NSM, Jimmy Yuen Ho Wong, 2018/07/14
- [Emacs-diffs] netsec a9f09f7 1/6: Check TLS certs against CRL, Jimmy Yuen Ho Wong, 2018/07/14