[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#29978: wishlist: gnutls-verify-error needs a 'ask mode
From: |
Robert Pluim |
Subject: |
bug#29978: wishlist: gnutls-verify-error needs a 'ask mode |
Date: |
Thu, 04 Jan 2018 17:23:53 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux) |
Andreas Schwab <schwab@suse.de> writes:
> On Jan 04 2018, Robert Pluim <rpluim@gmail.com> wrote:
>
>> Verification using gnutls-verify-error is currently an either-or
>> proposition: if the verification fails, there's no fallback. Typical
>> browser implementations allow querying the user for the desired
>> action, emacs should allow something similar.
>
> Isn't that what NSM is about?
NSM doesn't currently come into play until gnutls.c has finished
setting up the TLS connection. Since gnutls.c is the one doing the
verification, by then it's too late.
Robert