[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#15905: 24.3; url-copy-file sometimes silently downloads garbage or i
Live System User
bug#15905: 24.3; url-copy-file sometimes silently downloads garbage or incomplete file
Mon, 22 Feb 2016 13:45:54 -0500
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Lars Magne Ingebrigtsen <address@hidden> writes:
> John Wiegley <address@hidden> writes:
>> Lars, what is the argument for rejecting external TLS programs, for and
> I don't know what the pro argument is.
One of the pro arguments, of course, is choice.
> The argument against is that using external programs doesn't go through
> the Emacs network security manager, and TLS validation either has to be
> switched off ("--insecure") or switched on for all connections. Which
> is, of course, unacceptable.
You can use certificates with the -CApath argument to OpenSSL just like
GnuTLS uses trustfiles -- it doesn't have to be all or nothing.
I'm not suggesting that the ("--insecure") switch be the default but why
actively prevent users from using OpenSSL or any other external SSL/TLS
program if they choose to do so and go through the trouble of setting
it up for themselves?
No one is against having internal GnuTLS and NSM facilities as a
convenience and a security feature enabled and setup for users as
the default environment.
But please reconsider removing choice for users.
|[Prev in Thread]
||[Next in Thread]|
- bug#15905: 24.3; url-copy-file sometimes silently downloads garbage or incomplete file,
Live System User <=