emacs-devel

Re: The netsec thread


From: Robert Pluim
Subject: Re: The netsec thread
Date: Tue, 03 Sep 2019 11:49:57 +0200

>>>>> On Sun, 25 Aug 2019 07:33:41 +0200, Lars Ingebrigtsen <address@hidden> 
>>>>> said:

    Lars> Paul Eggert <address@hidden> writes:
    >> Come to think of it, Emacs shouldn't make the :compression feature
    >> visible on newer-GnuTLS systems, since the feature is obsolescent and
    >> just clutters up the runtime and data. So I installed the attached
    >> patch, which causes this feature (and the :encrypt-then-mac feature)
    >> to be exported to the Lisp level only if the underlying GnuTLS library
    >> supports the feature. This gives a bit more info to the Lisp code (if
    >> it wants it) and simplifies the data and the low-level code slightly.

In a similar vein: TLS1.3 removed support for renegotiation, so should
the following in gnutls-peer-status be made conditional on TLS1.3
having not been negotiated?

  /* Renegotiation Indication */
  result = nconc2
    (result, list2 (intern (":safe-renegotiation"),
                    gnutls_safe_renegotiation_status (state) ? Qt : Qnil));

(And nsm-protocol-check--renegotiation-info-ext probably needs
adjustment as well. I have a patch in progress for that).

Robert
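
The distinction raised in this message, as an added Emacs Lisp example that is not part of the original post and is not Emacs's own code. It assumes a status plist shaped like the result of gnutls-peer-status, with :protocol holding the GnuTLS protocol name (for example "TLS1.3"); every demo- name and every sample plist is hypothetical.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example: names prefixed `demo-' are hypothetical, not Emacs functions.

(defun demo-renegotiation-verdict (status)
  "Classify STATUS, a plist shaped like the result of `gnutls-peer-status'.
Return `not-applicable' when TLS1.3 was negotiated (renegotiation was
removed there), `safe' or `unsafe' for older protocols, and `unknown'
when STATUS carries no :protocol entry."
  (let ((protocol (plist-get status :protocol)))
    (cond
     ((null protocol) 'unknown)
     ;; Assumption: :protocol is the GnuTLS protocol name string.
     ((equal protocol "TLS1.3") 'not-applicable)
     ((plist-get status :safe-renegotiation) 'safe)
     (t 'unsafe))))

(defun demo-renegotiation-warning (host status)
  "Return a warning string for HOST, or nil when no warning is due."
  (pcase (demo-renegotiation-verdict status)
    ('unsafe (format "%s: safe renegotiation not supported" host))
    ('unknown (format "%s: protocol version not reported" host))
    (_ nil)))

;; Constructed sample plists (not captured from real connections).
(defconst demo-samples
  '(("tls12-safe.example"   (:protocol "TLS1.2" :safe-renegotiation t))
    ("tls12-unsafe.example" (:protocol "TLS1.2" :safe-renegotiation nil))
    ("tls13.example"        (:protocol "TLS1.3" :safe-renegotiation nil))
    ("tls13-nokey.example"  (:protocol "TLS1.3"))))

;; Print one line per sample: host, verdict, and the warning (or "-").
(dolist (sample demo-samples)
  (message "%-22s %-15s %s"
           (car sample)
           (demo-renegotiation-verdict (cadr sample))
           (or (demo-renegotiation-warning (car sample) (cadr sample)) "-")))
```

Only the TLS1.2 sample with a nil :safe-renegotiation produces a warning; both TLS1.3 samples are classified the same whether the key is present or absent.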


