GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems


Package: emacs; Reported by: Lars Ingebrigtsen <larsi@HIDDEN>; Keywords: security; dated Sat, 23 Jun 2018 10:39:02 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 31946 <at> debbugs.gnu.org:


From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 22 Jul 2018 13:05:58 +0200

Noam Postavsky <npostavs@HIDDEN> writes:

> Going by the certificate serial number, Firefox doesn't show this
> certificate at all in the chain.  The first two certificate serial
> numbers do match up, but Firefox shows
> 18:DA:D1:9E:26:7D:E8:BB:4A:21:58:CD:CC:6B:3B:4A for the 3rd one (root),
> while in Emacs the 3rd one has
> 25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd.
>
> I'm even more confused...

Yeah, I didn't get any further here, and I don't know what more to
check...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


From: Noam Postavsky <npostavs@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Mon, 09 Jul 2018 22:04:27 -0400

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> So we need a new way to determine whether a certificate is an
> intermediate certificate.  Unless that really is an intermediate
> certificate and the warning is correct.  :-)

Going by the certificate serial number, Firefox doesn't show this
certificate at all in the chain.  The first two certificate serial
numbers do match up, but Firefox shows
18:DA:D1:9E:26:7D:E8:BB:4A:21:58:CD:CC:6B:3B:4A for the 3rd one (root),
while in Emacs the 3rd one has
25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd.

I'm even more confused...




Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 22:01:00 +0200

Noam Postavsky <npostavs@HIDDEN> writes:

> Yeah, the _dn3 data still misses the CN=... from the issuer and is not
> equal to the subject for the root, so it doesn't seem to help this
> problem.

I tried using gnutls-cli, and it says:

- Certificate[2] info:
 - subject `CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US', issuer `OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US', serial 0x250ce8e030612e9f2b89f7054d7cf8fd, RSA key 2048 bits, signed using RSA-SHA1, activated `2006-11-08 00:00:00 UTC', expires `2021-11-07 23:59:59 UTC', key-ID `sha256:25b41b506e4930952823a6eb9f1d31def645ea38a5c6c6a96d71957e384df058'

So, no CN= in the issuer there, either...

And here's openssl s_client:

 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

So there just isn't any CN= in the issuer here?

So we need a new way to determine whether a certificate is an
intermediate certificate.  Unless that really is an intermediate
certificate and the warning is correct.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: 31946 <at> debbugs.gnu.org
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 21:20:57 +0200

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> (And whose
> responsibility is it to clean up the data in &issuer anyway?  I can't
> use gnutls_free, because the datum itself shouldn't be freed...)

Aha.  You're supposed to say

        gnutls_free(buf.data);

This is a thing that often frustrates me with C libraries: They usually
don't specify these memory life cycle things...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Message received at 31946 <at> debbugs.gnu.org:

From: Noam Postavsky <npostavs@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 14:50:03 -0400

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> Let's see.  Here's the issuer/subjects from the three certificates in
> the chain on that site when I use _dn3:

>  ("OU=Class 3 Public Primary Certification Authority,O=VeriSign\\, Inc.,C=US" . "CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US"))

> OK, and this is Firefox:
>
>     CN = VeriSign Class 3 Public Primary Certification Authority - G5
>     OU = "(c) 2006 VeriSign, Inc. - For authorized use only"
>     OU = VeriSign Trust Network
>     O = "VeriSign, Inc."
>     C = US
>
> Hm.  Actually, aren't these all the same?  Just in different order?  The
> _dn3 data seems to be the same as the _dn data, only rejuggled...

Yeah, the _dn3 data still misses the CN=... from the issuer and is not
equal to the subject for the root, so it doesn't seem to help this
problem.




Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 20:36:58 +0200

And this is the patch.  It'd have to be cleaned up and autoconfiged, of
course, if this turns out to be the way to go.  (And whose
responsibility is it to clean up the data in &issuer anyway?  I can't
use gnutls_free, because the datum itself shouldn't be freed...)

diff --git a/src/gnutls.c b/src/gnutls.c
index dfbbecfc87..69b64ae96d 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1031,6 +1031,16 @@ gnutls_certificate_details (gnutls_x509_crt_t cert)
     }
 
   /* Issuer. */
+#if 1
+  {
+    gnutls_datum_t issuer;
+    err = gnutls_x509_crt_get_issuer_dn3 (cert, &issuer, 0);
+    if (err >= GNUTLS_E_SUCCESS)
+      res = nconc2 (res, list2 (intern (":issuer"),
+				make_string ((char *) issuer.data,
+					     issuer.size)));
+  }
+#else
   buf_size = 0;
   err = gnutls_x509_crt_get_issuer_dn (cert, NULL, &buf_size);
   check_memory_full (err);
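Review bot: in the new #if 1 block, issuer.data is allocated by gnutls_x509_crt_get_issuer_dn3 and is never released once make_string has copied it, so every call leaks the DN buffer. Add gnutls_free (issuer.data); inside the success branch after the nconc2 call; the gnutls_datum_t itself lives on the stack and must not be freed.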
@@ -1044,6 +1054,7 @@ gnutls_certificate_details (gnutls_x509_crt_t cert)
 				  make_string (dn, buf_size)));
       xfree (dn);
     }
+#endif
 
   /* Validity. */
   {
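Review bot: the #endif here closes an #if 1, which leaves the gnutls_x509_crt_get_issuer_dn path as dead code and makes the build depend unconditionally on the _dn3 function. Guard the block with a configure-detected feature macro instead, so the #else branch is still what gets compiled against a GnuTLS that lacks gnutls_x509_crt_get_issuer_dn3.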
@@ -1062,6 +1073,16 @@ gnutls_certificate_details (gnutls_x509_crt_t cert)
   }
 
   /* Subject. */
+#if 1
+  {
+    gnutls_datum_t subject;
+    err = gnutls_x509_crt_get_dn3 (cert, &subject, 0);
+    if (err >= GNUTLS_E_SUCCESS)
+      res = nconc2 (res, list2 (intern (":subject"),
+				make_string ((char *) subject.data,
+					     subject.size)));
+  }
+#else
   buf_size = 0;
   err = gnutls_x509_crt_get_dn (cert, NULL, &buf_size);
   check_memory_full (err);
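Review bot: the new subject block never calls check_memory_full (err), which the #else path does right after its size query, and when gnutls_x509_crt_get_dn3 fails the :subject entry is left out of the result without any signal. Call check_memory_full (err) after gnutls_x509_crt_get_dn3 and release subject.data with gnutls_free once make_string has copied it. Passing 0 as the flags argument also changes the string format relative to the #else branch (GNUTLS_X509_DN_FLAG_COMPAT would keep the old one), so any caller that compares or stores :subject and :issuer strings needs to be checked.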
@@ -1075,6 +1096,7 @@ gnutls_certificate_details (gnutls_x509_crt_t cert)
 				  make_string (dn, buf_size)));
       xfree (dn);
     }
+#endif
 
   /* SubjectPublicKeyInfo. */
   {


-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 20:34:08 +0200

Let's see.  Here's the issuer/subjects from the three certificates in
the chain on that site when I use _dn3:

(("CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US" . "CN=*.usps.com,OU=Telecommunications Services,O=United States Postal Service,L=Raleigh,ST=North Carolina,C=US")
 ("CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US" . "CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US")
 ("OU=Class 3 Public Primary Certification Authority,O=VeriSign\\, Inc.,C=US" . "CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US"))

And here's when I use _dn:

(("C=US,O=Symantec Corporation,OU=Symantec Trust Network,CN=Symantec Class 3 Secure Server CA - G4" . "C=US,ST=North Carolina,L=Raleigh,O=United States Postal Service,OU=Telecommunications Services,CN=*.usps.com")
 ("C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5" . "C=US,O=Symantec Corporation,OU=Symantec Trust Network,CN=Symantec Class 3 Secure Server CA - G4")
 ("C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority" . "C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5"))

OK, and this is Firefox:

    CN = VeriSign Class 3 Public Primary Certification Authority - G5
    OU = "(c) 2006 VeriSign, Inc. - For authorized use only"
    OU = VeriSign Trust Network
    O = "VeriSign, Inc."
    C = US

Hm.  Actually, aren't these all the same?  Just in different order?  The
_dn3 data seems to be the same as the _dn data, only rejuggled...

Or am I totally misreading?  That's quite likely.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
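
Added example (not part of the thread and not Emacs or GnuTLS code): a small C check of the question raised in the message above, namely whether the _dn and _dn3 strings for the third certificate hold the same RDNs in opposite order, and whether that certificate's issuer equals its subject. The function names are hypothetical; the comparison is byte-exact on the printed strings, which is a simplification of real X.509 name matching, and multi-valued RDNs joined with "+" are not split.

```c
#include <stdio.h>
#include <string.h>

#define MAX_RDNS 16

struct rdn { const char *s; size_t len; };
enum dn_cmp { DN_DIFFERENT, DN_SAME_ORDER, DN_REVERSED };

/* Strings for certificate [2], copied from the thread (_dn3 and _dn output).
   "\\," in a C literal is the two characters backslash-comma. */
static const char SUBJECT_DN3[] =
    "CN=VeriSign Class 3 Public Primary Certification Authority - G5,"
    "OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,"
    "OU=VeriSign Trust Network,O=VeriSign\\, Inc.,C=US";
static const char SUBJECT_DN[] =
    "C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,"
    "OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,"
    "CN=VeriSign Class 3 Public Primary Certification Authority - G5";
static const char ISSUER_DN3[] =
    "OU=Class 3 Public Primary Certification Authority,O=VeriSign\\, Inc.,C=US";
static const char ISSUER_DN[] =
    "C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority";

/* Split a DN string into RDNs at commas that are not backslash-escaped.
   Returns the number of RDNs, or -1 if there are more than max. */
static int split_dn(const char *dn, struct rdn *out, int max)
{
    int n = 0;
    const char *start = dn;
    if (*dn == '\0')
        return 0;
    for (const char *p = dn; ; p++) {
        if (*p == '\\' && p[1] != '\0') {   /* escaped character: skip it */
            p++;
            continue;
        }
        if (*p == ',' || *p == '\0') {
            if (n == max)
                return -1;
            out[n].s = start;
            out[n].len = (size_t)(p - start);
            n++;
            if (*p == '\0')
                break;
            start = p + 1;
        }
    }
    return n;
}

int count_rdns(const char *dn)
{
    struct rdn r[MAX_RDNS];
    return split_dn(dn, r, MAX_RDNS);
}

static int rdn_eq(const struct rdn *a, const struct rdn *b)
{
    return a->len == b->len && memcmp(a->s, b->s, a->len) == 0;
}

/* Compare two DN strings RDN by RDN, forwards and backwards. */
enum dn_cmp compare_dn(const char *a, const char *b)
{
    struct rdn ra[MAX_RDNS], rb[MAX_RDNS];
    int na = split_dn(a, ra, MAX_RDNS);
    int nb = split_dn(b, rb, MAX_RDNS);
    int same = 1, rev = 1;
    if (na < 0 || nb < 0 || na != nb)
        return DN_DIFFERENT;
    for (int i = 0; i < na; i++) {
        if (!rdn_eq(&ra[i], &rb[i]))
            same = 0;
        if (!rdn_eq(&ra[i], &rb[na - 1 - i]))
            rev = 0;
    }
    return same ? DN_SAME_ORDER : rev ? DN_REVERSED : DN_DIFFERENT;
}

/* Issuer and subject of one certificate come from the same call family,
   so a self-issued certificate has them equal in the same order. */
int is_self_issued(const char *issuer, const char *subject)
{
    return compare_dn(issuer, subject) == DN_SAME_ORDER;
}

int main(void)
{
    static const char *names[] = { "different", "same order", "reversed" };
    printf("subject _dn vs _dn3: %s\n", names[compare_dn(SUBJECT_DN, SUBJECT_DN3)]);
    printf("issuer  _dn vs _dn3: %s\n", names[compare_dn(ISSUER_DN, ISSUER_DN3)]);
    printf("cert[2] self-issued: %s\n",
           is_self_issued(ISSUER_DN3, SUBJECT_DN3) ? "yes" : "no");
    return 0;
}
```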





Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sun, 08 Jul 2018 16:23:54 +0200

Noam Postavsky <npostavs@HIDDEN> writes:

> But in Emacs, I'm getting this from gnutls_x509_crt_get_issuer_dn():
>
> "C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority"
>
> and this from  gnutls_x509_crt_get_dn():
>
> "C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006
> VeriSign\\, Inc. - For authorized use only,CN=VeriSign Class 3 Public
> Primary Certification Authority - G5"

Ah, I see...

> So gnutls is getting this non-matching issuer from somewhere, but it's
> unclear to me where.

Hm...

Oh!  I see that gnutls has gotten several variations on these functions
now.  For instance:

https://www.gnutls.org/reference/gnutls-x509.html#gnutls-x509-crt-get-issuer-dn3

It says:

"When the flag GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
format will match the format output by previous to 3.5.6 versions of
GnuTLS which was not not fully RFC4514-compliant."

Which I would interpret to mean that the dn3 version of these functions
now return the RFC4515-compliant strings.  Perhaps we should call these
newer functions instead of the _dn functions?  I guess more #ifdefs and
configure checks will be needed...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 4 Jul 2018 01:34:51 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 03 21:34:51 2018
Received: from localhost ([127.0.0.1]:45740 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1faWgx-0007uU-UD
	for submit <at> debbugs.gnu.org; Tue, 03 Jul 2018 21:34:51 -0400
Received: from mail-it0-f45.google.com ([209.85.214.45]:51478)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <npostavs@HIDDEN>) id 1faWgs-0007uC-Am
 for 31946 <at> debbugs.gnu.org; Tue, 03 Jul 2018 21:34:46 -0400
Received: by mail-it0-f45.google.com with SMTP id o5-v6so5716124itc.1
 for <31946 <at> debbugs.gnu.org>; Tue, 03 Jul 2018 18:34:42 -0700 (PDT)
X-Received: by 2002:a24:6285:: with SMTP id
 d127-v6mr344021itc.52.1530668076661; 
 Tue, 03 Jul 2018 18:34:36 -0700 (PDT)
Received: from zebian (cbl-45-2-119-34.yyz.frontiernetworks.ca. [45.2.119.34])
 by smtp.googlemail.com with ESMTPSA id
 h81-v6sm4224312ith.2.2018.07.03.18.34.34
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Tue, 03 Jul 2018 18:34:35 -0700 (PDT)
From: Noam Postavsky <npostavs@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
 <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
 <m3va9w2w71.fsf@HIDDEN>
Date: Tue, 03 Jul 2018 21:34:33 -0400
In-Reply-To: <m3va9w2w71.fsf@HIDDEN> (Lars Ingebrigtsen's message of "Tue,
 03 Jul 2018 17:08:50 +0200")
Message-ID: <87sh4zlr6e.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: 31946 <at> debbugs.gnu.org

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> Hm...  this URL
>
> https://www.usps.com/business/web-tools-apis/welcome.htm
>
> now gives a warning about a SHA1 intermediary certificate, while
> Chromium and Firefox seem fine with it, so there may be a bug in the
> SHA1 check.  Haven't had time to debug.

According to the show certificate info in Firefox, it's the root
certificate which has SHA1.  Firefox shows both the issuer and subject
name as:

    CN = VeriSign Class 3 Public Primary Certification Authority - G5
    OU = "(c) 2006 VeriSign, Inc. - For authorized use only"
    OU = VeriSign Trust Network
    O = "VeriSign, Inc."
    C = US

But in Emacs, I'm getting this from gnutls_x509_crt_get_issuer_dn():

"C=US,O=VeriSign\\, Inc.,OU=Class 3 Public Primary Certification Authority"

and this from  gnutls_x509_crt_get_dn():

"C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5"

So gnutls is getting this non-matching issuer from somewhere, but it's
unclear to me where.
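
The two DN strings quoted in this message, compared RDN by RDN.  This is
an added example, not code from Emacs, GnuTLS or anyone in this thread;
dn_split, dn_equal and naive_comma_fields are hypothetical helpers, no
GnuTLS call is made, and exact string matching of RDNs is a
simplification of real name comparison.  RFC 4514 lets an escaped comma
be written as "\," or "\2C", so two renderings of one name need not be
byte-identical.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_RDNS 16
#define MAX_RDN_LEN 128

/* The two strings reported in the message above (C escaping of "\,").  */
static const char PAGE_ISSUER[] =
    "C=US,O=VeriSign\\, Inc.,"
    "OU=Class 3 Public Primary Certification Authority";
static const char PAGE_SUBJECT[] =
    "C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,"
    "OU=(c) 2006 VeriSign\\, Inc. - For authorized use only,"
    "CN=VeriSign Class 3 Public Primary Certification Authority - G5";

/* Split an RFC 4514 DN string on unescaped commas, undoing "\c" and
   "\XX" (hex pair) escapes inside each RDN.  Multi-valued RDNs ("+")
   are left as one string.  Returns the RDN count, or -1 on a dangling
   backslash or when a fixed-size buffer would overflow.  */
static int dn_split(const char *dn, char out[MAX_RDNS][MAX_RDN_LEN])
{
    int n = 0;
    size_t len = 0;

    for (const char *p = dn;; p++) {
        if (*p == '\0' || *p == ',') {
            if (n >= MAX_RDNS)
                return -1;
            out[n][len] = '\0';     /* close the current RDN */
            n++;
            len = 0;
            if (*p == '\0')
                return n;
            continue;
        }
        char c = *p;
        if (c == '\\') {
            if (p[1] == '\0')
                return -1;          /* backslash at end of input */
            if (isxdigit((unsigned char)p[1]) &&
                isxdigit((unsigned char)p[2])) {
                char hex[3] = { p[1], p[2], '\0' };
                c = (char)strtol(hex, NULL, 16);
                p += 2;
            } else {
                c = *++p;           /* "\," "\+" "\\" and so on */
            }
        }
        if (n >= MAX_RDNS || len + 1 >= MAX_RDN_LEN)
            return -1;
        out[n][len++] = c;
    }
}

/* What a split that ignores escaping would report.  */
static int naive_comma_fields(const char *dn)
{
    int n = 1;
    for (; *dn; dn++)
        if (*dn == ',')
            n++;
    return n;
}

/* 1 if both strings decode to the same RDN sequence, else 0.  */
static int dn_equal(const char *a, const char *b)
{
    char ra[MAX_RDNS][MAX_RDN_LEN], rb[MAX_RDNS][MAX_RDN_LEN];
    int na = dn_split(a, ra), nb = dn_split(b, rb);

    if (na < 0 || nb < 0 || na != nb)
        return 0;
    for (int i = 0; i < na; i++)
        if (strcmp(ra[i], rb[i]) != 0)
            return 0;
    return 1;
}

int main(void)
{
    char rdn[MAX_RDNS][MAX_RDN_LEN];
    int n = dn_split(PAGE_SUBJECT, rdn);

    printf("subject: %d RDNs (naive comma split: %d)\n",
           n, naive_comma_fields(PAGE_SUBJECT));
    for (int i = 0; i < n; i++)
        printf("  %s\n", rdn[i]);
    printf("issuer == subject: %s\n",
           dn_equal(PAGE_ISSUER, PAGE_SUBJECT) ? "yes" : "no");
    return 0;
}
```

For the certificate in this message the two names differ, so any check
that tells a root from an intermediate by issuer == subject would treat
it as an intermediate.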




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 3 Jul 2018 15:08:56 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jul 03 11:08:56 2018
Received: from localhost ([127.0.0.1]:45592 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1faMvI-0001Ow-45
	for submit <at> debbugs.gnu.org; Tue, 03 Jul 2018 11:08:56 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:57550)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1faMvG-0001Oo-GN
 for 31946 <at> debbugs.gnu.org; Tue, 03 Jul 2018 11:08:54 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>) id 1faMvD-0005u7-2f
 for 31946 <at> debbugs.gnu.org; Tue, 03 Jul 2018 17:08:53 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: 31946 <at> debbugs.gnu.org
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
 <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
Date: Tue, 03 Jul 2018 17:08:50 +0200
In-Reply-To: <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Tue, 26 Jun 2018 07:26:20 +0100")
Message-ID: <m3va9w2w71.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946

Hm...  this URL

https://www.usps.com/business/web-tools-apis/welcome.htm

now gives a warning about a SHA1 intermediary certificate, while
Chromium and Firefox seem fine with it, so there may be a bug in the
SHA1 check.  Haven't had time to debug.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 1 Jul 2018 15:01:48 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jul 01 11:01:48 2018
Received: from localhost ([127.0.0.1]:42242 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fZdrI-00029U-3f
	for submit <at> debbugs.gnu.org; Sun, 01 Jul 2018 11:01:48 -0400
Received: from eggs.gnu.org ([208.118.235.92]:42552)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@HIDDEN>) id 1fZdrH-00029I-6d
 for 31946 <at> debbugs.gnu.org; Sun, 01 Jul 2018 11:01:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@HIDDEN>) id 1fZdr8-0007Ur-7F
 for 31946 <at> debbugs.gnu.org; Sun, 01 Jul 2018 11:01:42 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:42809)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@HIDDEN>)
 id 1fZdr8-0007Ue-35; Sun, 01 Jul 2018 11:01:38 -0400
Received: from [176.228.60.248] (port=2467 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <eliz@HIDDEN>)
 id 1fZdr7-0007UH-FC; Sun, 01 Jul 2018 11:01:37 -0400
Date: Sun, 01 Jul 2018 18:01:27 +0300
Message-Id: <83po07knjs.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
In-reply-to: <CAKDRQS4LWyfDB8Ao3ECNzPt6LWEHSa9_FaK_yhPtuMLgVXbdQA@HIDDEN>
 (message from Jimmy Yuen Ho Wong on Sat, 30 Jun 2018 18:28:41 +0100)
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
 <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
 <m3h8lmhmlf.fsf@HIDDEN>
 <CAKDRQS71J_bPMnSB77nPx_fYzAfgwqTVgNuCALBB3zVy_xv9JA@HIDDEN>
 <CAKDRQS4mf3Ze6urA3iLVR91oeON47=BavBy+dsXW_wv_KOUPNQ@HIDDEN>
 <CAKDRQS6kwsAQ-ptV2+aGvaq3pH0TztueR8E9OdzS7p9YjAqQqQ@HIDDEN>
 <CAKDRQS4LWyfDB8Ao3ECNzPt6LWEHSa9_FaK_yhPtuMLgVXbdQA@HIDDEN>
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 31946
Cc: larsi@HIDDEN, 31946 <at> debbugs.gnu.org, npostavs@HIDDEN

> From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
> Date: Sat, 30 Jun 2018 18:28:41 +0100
> Cc: Noam Postavsky <npostavs@HIDDEN>, Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org
> 
> Here's the patch promised.
> 
> Summary of changes:
> 
> * 9 new checks added, some for securing Emacs builds with older GnuTLS
> versions, some for bringing NSM checks to 2018.
> * Individual checks are now suffixed by their cipher suite part. E.g.
> dhe-kx for DHE key exchange, des-cipher for DES cipher, sha1-sig for
> SHA1 signature.
> * Protocol checks now return an error message instead of querying the
> user directly.
> * All protocol checks under the same network-security-level are
> performed. All of the messages are then merged if any, and the user is
> only prompted once after the protocol check for all problems found.
> * nsm-query and nsm-query-user no longer take extra args to format
> messages. Formatted messages are now provided directly by the
> individual checks.
> * Fix RC4 check where it was previously checking for non-existent RC4
> cipher from GnuTLS. GnuTLS actually calls RC4 ARCFOUR.
> * Removed sha1 check as it is already covered by the intermediate SHA1 checks.
> * DHE check now checks for < 1024 bit prime for 'medium and usage of
> DHE for 'high and above, in addition to prime bit length.

Just looking at this with somewhat naïve eyes of a user who knows very
little about security features, I'm bothered that we add so many
checks to the 'medium' level, only 2 to 'high', and _none_ to
'paranoid'.  Since 'medium' is the lowest level that provides _any_
security features, does having 12 out of 14 checks in 'medium' really
make sense?  Do other browsers offer the same features on the lowest
security level?  Aren't some of the vulnerabilities less frequent
and/or less dangerous, in which case it would make sense to move them
to higher levels?  Or maybe we should introduce an intermediate level
between 'medium' and 'high', and move some of these new checks into
it?

That's my main concern about this and other similar changes.

The next concern is about documentation: IMO such a massive upgrade of
security needs to document the checks, in the source if not in the
Emacs manual.  We must give our users tools to make informed decisions
regarding which security measures are good for them.  This patch comes
just with doc strings, which IMO is not enough: NEWS and the manual
should also be updated.  As for doc strings, see comments below.

>  (defvar network-security-protocol-checks
> -  '((diffie-hellman-prime-bits medium 1024)
> -    (rc4 medium)
> -    (signature-sha1 medium)
> -    (intermediate-sha1 medium)
> -    (3des high)
> +  '((rsa-kx high)
> +    (dhe-kx medium)
> +    (anon-kx medium)
> +    (export-kx medium)
> +    (cbc-cipher high)
> +    (ecdsa-cbc-cipher medium)
> +    (3des-cipher medium)
> +    (des-cipher medium)
> +    (rc4-cipher medium)
> +    (rc2-cipher medium)
> +    (null-cipher medium)
> +    (sha1-sig medium)
> +    (md5-sig medium)
>      (ssl medium))
>    "This variable specifies what TLS connection checks to perform.
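
Review bot: Two level changes in this list are not in the summary.
(3des high) becomes (3des-cipher medium), so 3DES is now flagged one
level lower, and (dhe-kx medium) drops the 1024 argument that
(diffie-hellman-prime-bits medium 1024) carried.  Please mention the
3DES move, and either keep the prime size as an entry argument or say
in the doc string where the threshold now lives: the summary says
dhe-kx behaves differently at 'medium and at 'high, but the entry
names only medium.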

Either each test should be documented right here, or the doc string of
this variable should refer the reader to the respective functions,
explaining how to deduce the function name from the test name.

> +(defun nsm-protocol-check--rsa-kx (host port status)
> +  "Check for static RSA key exchange.
> +
> +Static RSA key exchange methods do not offer perfect forward
> +secrecy.
> +
> +Reference:
> +
> +IETF TLSWG (2014). \"[TLS] Confirming Consensus on removing RSA key
> +Transport from TLS 1.3\",
> +`https://www.ietf.org/mail-archive/web/tls/current/msg11621.html'"
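
Review bot: The doc string of nsm-protocol-check--rsa-kx does not
mention HOST, PORT or STATUS, and does not say what the function
returns.  The summary says protocol checks now return an error message
instead of querying the user, so the return value is the contract
callers depend on; please state it here, along with what is returned
when the check passes.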

A reference is fine, but it alone is not enough: we cannot expect
users to read academic papers just to decide what security they need.
IMO, we should say at least a few words about each test, enough for
the user to understand whether they need this test.  It may be enough
to say just how frequent and/or dangerous is the corresponding
vulnerability; adding the description of a vulnerability with some
objective assessment of its relevance would be a bonus.

> +Recent version of GnuTLS does not enable this key exchange by default,
> +but can be enabled if requested.  This check is mainly provided to
> +secure Emacs built with older version of GnuTLS.
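
Review bot: The second clause of the first sentence has no subject, so
"but can be enabled if requested" reads as if GnuTLS itself can be
enabled.  Suggest "Recent versions of GnuTLS do not enable this key
exchange by default, but it can be enabled if requested", and "older
versions of GnuTLS" in the last sentence.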

Please state the first version of GnuTLS that disables this by
default: what is "recent" today will become less so in a year.  I'd
like us to give a user who knows what version of GnuTLS she has
installed an effective way of deciding whether this test is needed.

> +RC4 cipher has been prohibited by RFC 7465.
> +
> +Recent version of GnuTLS does not enable this cipher by default, but
> +can be enabled if requested.  This check is mainly provided to secure
> +Emacs built with older version of GnuTLS.
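
Review bot: This doc string only uses the name RC4, while the summary
says GnuTLS calls the cipher ARCFOUR and that the previous check
missed it for that reason.  Please mention ARCFOUR here so a reader
comparing against the cipher name GnuTLS reports can see what the
check matches.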

Likewise here (and elsewhere in the patch).

> +The first SHA1 collision was found in 2017[1], as a precaution against
> +events followed the discovery of cheap collisions in MD5, major
> +browsers[2][3][4] have sunsetted the use of SHA1 signatures in
> +certificates.     ^^^^^^^^^^^^^^
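
Review bot: The sentence beginning "The first SHA1 collision was found
in 2017[1], as a precaution" is a comma splice, and "against events
followed the discovery" does not parse.  Suggest ending the first
sentence after "2017[1]." and starting the next with "As a precaution
against the events that followed the discovery of cheap collisions in
MD5, major browsers[2][3][4] ...".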

Please try to avoid using jargon that may be difficult for non-native
English speakers to understand.  Security issues should not be
obscured by obscure language.

Thanks again for working on this.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


From: Noam Postavsky <npostavs@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sat, 30 Jun 2018 19:35:02 -0400
In-Reply-To: <CAKDRQS4U=siaswtg9mxmJz16hw-va7iXHxbJXf9Gxi4+aZbAmQ@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Sun, 1 Jul 2018 00:15:49 +0100")
Message-ID: <87in5zn909.fsf@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Eli Zaretskii <eliz@HIDDEN>

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> But "change" is determined by a public key ID hash instead of the
> actual fingerprint (but `nsm-fingerprint` treats the public key ID as
> the fingerprint),

That seems okay to me.  If the public key stays the same, that indicates
it's signed by the same private key holder that was trusted last time.
What did you expect the "actual fingerprint" to be, and how would using
it help?




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


In-Reply-To: <87lgawm2z3.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Sun, 1 Jul 2018 00:15:49 +0100
Message-ID: <CAKDRQS4U=siaswtg9mxmJz16hw-va7iXHxbJXf9Gxi4+aZbAmQ@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Noam Postavsky <npostavs@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Eli Zaretskii <eliz@HIDDEN>

Thanks. I'll update the patch later.

I'm having a headache about what to do with the prompts now.
Currently, if a cert didn't verify, there's a prompt. If a cert did
verify but was "changed", I get another prompt. But "change" is
determined by a public key ID hash instead of the actual fingerprint
(but `nsm-fingerprint` treats the public key ID as the fingerprint),
and the prompt happens *before* cipher suite checks, in which you may
get another prompt.

I think I need to do another pass at this to get the check ordering
right so I can get just one prompt for all problems found.

Basically, I'm trying to break the certificate check into multiple
checks (I'll do that for DHE too) and figure out what to do with the
fingerprint. Let me know if I'm going way off track here...



On Sat, Jun 30, 2018 at 9:30 PM, Noam Postavsky <npostavs@HIDDEN> wrote:
> Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:
>
>> I've manually tested this patch a bit, but please give this patch a
>> look and see if I've missed anything. I need all the feedback I can
>> get for this.
>
> Overall, I'd say this looks pretty good.  Some (mostly minor) comments
> on the details below.
>
>> * lisp/net/nsm.el
>> (nsm-check-certificate, nsm-fingerprint-ok-p,
>> nsm-check-plain-connection): Pre-format query messages before passing
>
> It should be formatted as
>
> (nsm-check-certificate, nsm-fingerprint-ok-p)
> (nsm-check-plain-connection): Pre-format query messages before passing
>
>> (nsm-protocol-check--diffie-hellman-prime-bits): Rename to
>> nsm-protocol-check--dhe-kx. Checks for prime bits < 1024 for 'medium
>                              ^
>
> Periods should be double spaced, this applies in docstrings as well.
>
>> nsm-protocol-check--rc4-cipher. Fix bug where it was previously
>> checking for non-existent cipher name RC4 in GnuTLS instead of
>> ARCFOUR.
>
> Yikes, that's a good catch.
>
>>  (defvar network-security-protocol-checks
>> +  '((rsa-kx high)
>> +    (dhe-kx medium)
>> +    (anon-kx medium)
>> +    (export-kx medium)
>> +    (cbc-cipher high)
>> +    (ecdsa-cbc-cipher medium)
>> +    (3des-cipher medium)
>> +    (des-cipher medium)
>> +    (rc4-cipher medium)
>> +    (rc2-cipher medium)
>> +    (null-cipher medium)
>> +    (sha1-sig medium)
>> +    (md5-sig medium)
>>      (ssl medium))
>
>> @@ -198,87 +207,370 @@ network-security-protocol-checks
>>  HOST PORT STATUS OPTIONAL-PARAMETER.")
>>
>>  (defun nsm-check-protocol (process host port status settings)
>> +  (let ((results
>> +         (cl-remove-if-not
>> +          #'cdr
>> +          (cl-loop for check in network-security-protocol-checks
>
> This cl-remove-if-not over a cl-loop collect seems a bit awkward.  How
> about
>
> (cl-loop for (name level . _) in network-security-protocol-checks
>          for type = (intern (format ":%s" name))
>          ;; Skip the check if the user has already said that this
>          ;; host is OK for this type of "error".
>          for result =
>          (and (not (memq type (plist-get settings :conditions)))
>               (>= (nsm-level network-security-level)
>                   (nsm-level level))
>               (funcall (intern (format "nsm-protocol-check--%s" name))
>                        host port status))
>          when result
>          collect (cons type result))
>
>> +(defun nsm-protocol-check--dhe-kx (host port status)
>> +  "Check for finite field ephemeral Diffie-Hellman key exchange.
>> +
>> +If `network-security-level' is 'medium, and a DHE key exchange
>> +method was used, this function queries the user if the prime bit
>> +length is < 1024.
>> +
>> +If `network-security-level' is 'high or above, and a DHE key
>> +exchange method was used, this function queries the user even if
>> +the prime bit length is >= 1024.
>
> It's kind of inconvenient that this function hardcodes the security
> levels; it also makes reading the current settings more difficult (e.g.,
> when I saw (dhe-kx medium) at first, I thought you were going to warn
> about DHE on level medium).  Can we do better here?  Maybe split in two?
> (By the way, the network-security-level values in docstrings should be
> formatted as `medium' and `high', not single quoted.)
>
>> +In 2014, the discovery of Logjam[1] had proven non-elliptic-curve
>> +Diffie-Hellman key exchange with < 1024 prime bit length to be
>> +unsafe.
>
> I'd actually say, DH smaller than 1024 bits was known to be unsafe
> before that, the logjam attack allows a man-in-the-middle to downgrade
> what would have been a >= 1024 bit connection to "export" grade (e.g.,
> 512 bits).
>
>> +      (if (and (>= (nsm-level network-security-level) (nsm-level 'medium))
>> +               (< prime-bits 1024))
>> +          (setq msg (format-message
>> +                     "Diffie-Hellman prime bits (%s) too low (%s)"
>
> I would phrase this as
>
> "Diffie-Hellman prime bits (%d) lower than `gnutls-min-prime-bits' (%d)"
>
>> +                     prime-bits gnutls-min-prime-bits)))
>> +      (if (>= (nsm-level network-security-level) (nsm-level 'high))
>> +          (setq msg (concat
>> +                     msg
>> +                     (format-message
>> +                      "non-elliptic-curve ephemeral Diffie-Hellman key exchange method (%s) maybe using an unsafe prime"
>
> I would phrase this as
>
> "non-standardized Diffie-Hellman parameters cannot be validated"
>
> (this covers the non-elliptic-curveness as well; the reason elliptic
> curves are safe is that they're standardized and pre-validated.)
>
> And you're missing a space between the messages, in the case where you
> hit both of them.
>
>> +(defun nsm-protocol-check--anon-kx (host port status)
>> +  "Check for anonymous key exchange.
>> +
>> +Anonymouse key exchange exposes the connection to MITM attacks.
>> +
>> +Reference:
>> +
>> +GnuTLS authors (2018). \"GnuTLS Manual 4.3.3 Anonymous
>> +authentication\",
>> +`https://www.gnutls.org/manual/gnutls.html\#Anonymous-authentication'"
>                                              ^
>                                              typo?
>
>> +(defun nsm-protocol-check--export-kx (host port status)
>> +  "Check for EXPORT key exchange.
>> +
>> +EXPORT cipher suites are a family of 40-bit effective security
>> +algorithms legally exportable by the United States in the early 90s.
>> +They can be broken in seconds on 2018 hardware.
>> +
>> +Recent version of GnuTLS does not enable this key exchange by default,
>
> This should be "Recent versions of GnuTLS do not..."
>
>> +but can be enabled if requested.  This check is mainly provided to
>       ^
>       it
>
>> +;; Cipher checks
>> +
>> +(defun nsm-protocol-check--cbc-cipher (host port status)
>> +  "Check for CBC mode ciphers.
>> +
>> +CBC mode cipher in TLS versions earlier than 1.3 are problematic
>> +because of MAC-then-encrypt. This construction is vulnerable to
>> +padding oracle attacks[1].
>
> I think the TLS version reference should be dropped, unless TLS 1.3 uses
> CBC with encrypt-then-MAC?  I understood it just deprecates CBC
> altogether.
>
>> +(defun nsm-protocol-check--3des-cipher (host port status)
>> +  "Check for 3DES ciphers.
>> +
>> +3DES is considered a weak cipher by NIST as it only has 80 bits
>
> Is it possible to distinguish between 3DES 2-key and 3DES 3-key? (the
> latter giving 112 bit security, which is still a bit low, but probably
> acceptable for medium level)
>




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


From: Noam Postavsky <npostavs@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Sat, 30 Jun 2018 16:30:40 -0400
In-Reply-To: <CAKDRQS4LWyfDB8Ao3ECNzPt6LWEHSa9_FaK_yhPtuMLgVXbdQA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Sat, 30 Jun 2018 18:28:41 +0100")
Message-ID: <87lgawm2z3.fsf@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Eli Zaretskii <eliz@HIDDEN>

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> I've manually tested this patch a bit, but please give this patch a
> look and see if I've missed anything. I need all the feedback I can
> get for this.

Overall, I'd say this looks pretty good.  Some (mostly minor) comments
on the details below.

> * lisp/net/nsm.el
> (nsm-check-certificate, nsm-fingerprint-ok-p,
> nsm-check-plain-connection): Pre-format query messages before passing

It should be formatted as

(nsm-check-certificate, nsm-fingerprint-ok-p)
(nsm-check-plain-connection): Pre-format query messages before passing

> (nsm-protocol-check--diffie-hellman-prime-bits): Rename to
> nsm-protocol-check--dhe-kx. Checks for prime bits < 1024 for 'medium
                             ^

Periods should be double spaced, this applies in docstrings as well.

> nsm-protocol-check--rc4-cipher. Fix bug where it was previously
> checking for non-existent cipher name RC4 in GnuTLS instead of
> ARCFOUR.

Yikes, that's a good catch.

>  (defvar network-security-protocol-checks
> +  '((rsa-kx high)
> +    (dhe-kx medium)
> +    (anon-kx medium)
> +    (export-kx medium)
> +    (cbc-cipher high)
> +    (ecdsa-cbc-cipher medium)
> +    (3des-cipher medium)
> +    (des-cipher medium)
> +    (rc4-cipher medium)
> +    (rc2-cipher medium)
> +    (null-cipher medium)
> +    (sha1-sig medium)
> +    (md5-sig medium)
>      (ssl medium))
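
Review bot: `cbc-cipher` is listed at `high` and `ecdsa-cbc-cipher` at `medium`, and nothing in the list says how the two relate. If the ECDSA check matches a subset of what the CBC check matches, as the names suggest, a connection checked at `high` triggers both and the merged prompt reports the same weakness twice. Either state the relationship in the docstring of `network-security-protocol-checks` or let the broader check suppress the narrower one.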

> @@ -198,87 +207,370 @@ network-security-protocol-checks
>  HOST PORT STATUS OPTIONAL-PARAMETER.")
>  
>  (defun nsm-check-protocol (process host port status settings)
> +  (let ((results
> +         (cl-remove-if-not
> +          #'cdr
> +          (cl-loop for check in network-security-protocol-checks

This cl-remove-if-not over a cl-loop collect seems a bit awkward.  How
about

(cl-loop for (name level . _) in network-security-protocol-checks
         for type = (intern (format ":%s" name))
         ;; Skip the check if the user has already said that this
         ;; host is OK for this type of "error".
         for result =
         (and (not (memq type (plist-get settings :conditions)))
              (>= (nsm-level network-security-level)
                  (nsm-level level))
              (funcall (intern (format "nsm-protocol-check--%s" name))
                       host port status))
         when result
         collect (cons type result))

> +(defun nsm-protocol-check--dhe-kx (host port status)
> +  "Check for finite field ephemeral Diffie-Hellman key exchange.
> +
> +If `network-security-level' is 'medium, and a DHE key exchange
> +method was used, this function queries the user if the prime bit
> +length is < 1024.
> +
> +If `network-security-level' is 'high or above, and a DHE key
> +exchange method was used, this function queries the user even if
> +the prime bit length is >= 1024.

It's kind of inconvenient that this function hardcodes the security
levels; it also makes reading the current settings more difficult (e.g.,
when I saw (dhe-kx medium) at first, I thought you were going to warn
about DHE on level medium).  Can we do better here?  Maybe split in two?
(By the way, the network-security-level values in docstrings should be
formatted as `medium' and `high', not single quoted.)

> +In 2014, the discovery of Logjam[1] had proven non-elliptic-curve
> +Diffie-Hellman key exchange with < 1024 prime bit length to be
> +unsafe.

I'd actually say, DH smaller than 1024 bits was known to be unsafe
before that, the logjam attack allows a man-in-the-middle to downgrade
what would have been a >= 1024 bit connection to "export" grade (e.g.,
512 bits).

> +      (if (and (>= (nsm-level network-security-level) (nsm-level 'medium))
> +               (< prime-bits 1024))
> +          (setq msg (format-message
> +                     "Diffie-Hellman prime bits (%s) too low (%s)"

I would phrase this as

"Diffie-Hellman prime bits (%d) lower than `gnutls-min-prime-bits' (%d)"

> +                     prime-bits gnutls-min-prime-bits)))
> +      (if (>= (nsm-level network-security-level) (nsm-level 'high))
> +          (setq msg (concat
> +                     msg
> +                     (format-message
> +                      "non-elliptic-curve ephemeral Diffie-Hellman key exchange method (%s) maybe using an unsafe prime"
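
Review bot: in the `medium` branch the test is `(< prime-bits 1024)`, a literal, but the second value formatted into the message is `gnutls-min-prime-bits`. When that variable is set to anything other than 1024, the prompt states a limit that was never applied. Compare against the variable, or print the constant that was actually tested.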

I would phrase this as

"non-standardized Diffie-Hellman parameters cannot be validated"

(this covers the non-elliptic-curveness as well; the reason elliptic
curves are safe is that they're standardized and pre-validated.)

And you're missing a space between the messages, in the case where you
hit both of them.

> +(defun nsm-protocol-check--anon-kx (host port status)
> +  "Check for anonymous key exchange.
> +
> +Anonymouse key exchange exposes the connection to MITM attacks.
> +
> +Reference:
> +
> +GnuTLS authors (2018). \"GnuTLS Manual 4.3.3 Anonymous
> +authentication\",
> +`https://www.gnutls.org/manual/gnutls.html\#Anonymous-authentication'"
                                             ^
                                             typo?

> +(defun nsm-protocol-check--export-kx (host port status)
> +  "Check for EXPORT key exchange.
> +
> +EXPORT cipher suites are a family of 40-bit effective security
> +algorithms legally exportable by the United States in the early 90s.
> +They can be broken in seconds on 2018 hardware.
> +
> +Recent version of GnuTLS does not enable this key exchange by default,

This should be "Recent versions of GnuTLS do not..."

> +but can be enabled if requested.  This check is mainly provided to
      ^
      it

> +;; Cipher checks
> +
> +(defun nsm-protocol-check--cbc-cipher (host port status)
> +  "Check for CBC mode ciphers.
> +
> +CBC mode cipher in TLS versions earlier than 1.3 are problematic
> +because of MAC-then-encrypt. This construction is vulnerable to
> +padding oracle attacks[1].

I think the TLS version reference should be dropped, unless TLS 1.3 uses
CBC with encrypt-then-MAC?  I understood it just deprecates CBC
altogether.

> +(defun nsm-protocol-check--3des-cipher (host port status)
> +  "Check for 3DES ciphers.
> +
> +3DES is considered a weak cipher by NIST as it only has 80 bits

Is it possible to distinguish between 3DES 2-key and 3DES 3-key? (the
latter giving 112 bit security, which is still a bit low, but probably
acceptable for medium level)
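
Added example, not part of the thread and not code from nsm.el: a self-contained Emacs Lisp illustration of the structure this review asks for, in which each check returns a message instead of prompting, the level of each check lives only in the table (the DHE check is split in two), and all messages are merged into one prompt. Every `demo-` name, the sample status plist and its key names are assumptions made for the illustration.

```elisp
;;; -*- lexical-binding: t -*-
(require 'cl-lib)

(defun demo-level (symbol)
  "Map security level SYMBOL to a number so that levels can be compared."
  (or (cl-position symbol '(low medium high paranoid))
      (error "Unknown level: %S" symbol)))

;; Hypothetical table: the level is stated here and nowhere else, so
;; reading the table tells you exactly when each check fires.
(defvar demo-checks
  '((dhe-prime-kx medium)   ; DHE with a prime shorter than 1024 bits
    (dhe-kx high)           ; any finite-field DHE at all
    (rc4-cipher medium))
  "Each entry is (NAME LEVEL): run check NAME at LEVEL and above.")

(defun demo-dhe-p (status)
  "Return non-nil if STATUS names a finite-field DHE key exchange.
Assumes the name starts with \"DHE\" (an ECDHE name starts with \"EC\")."
  (let ((kx (plist-get status :key-exchange)))
    (and (stringp kx) (string-prefix-p "DHE" kx))))

(defun demo-check--dhe-prime-kx (status)
  "Return a message if STATUS shows DHE with a prime below 1024 bits."
  (let ((bits (plist-get status :diffie-hellman-prime-bits)))
    (when (and (demo-dhe-p status) (integerp bits) (< bits 1024))
      ;; The limit printed is the limit that was tested.
      (format "Diffie-Hellman prime bits (%d) lower than %d" bits 1024))))

(defun demo-check--dhe-kx (status)
  "Return a message if STATUS shows any finite-field DHE key exchange."
  (when (demo-dhe-p status)
    "non-standardized Diffie-Hellman parameters cannot be validated"))

(defun demo-check--rc4-cipher (status)
  "Return a message if STATUS shows an RC4 cipher.
Matches the name ARCFOUR, which the thread says is what GnuTLS reports;
matching the string \"RC4\" would never fire."
  (let ((cipher (plist-get status :cipher)))
    (when (and (stringp cipher) (string-prefix-p "ARCFOUR" cipher))
      (format "RC4 cipher (%s) is insecure" cipher))))

(defun demo-run-checks (status user-level accepted)
  "Run every check enabled at USER-LEVEL against STATUS.
ACCEPTED lists the keywords the user already allowed for this host.
Return an alist of (KEYWORD . MESSAGE) for the checks that failed."
  (cl-loop for (name level) in demo-checks
           for type = (intern (format ":%s" name))
           for result = (and (not (memq type accepted))
                             (>= (demo-level user-level) (demo-level level))
                             (funcall (intern (format "demo-check--%s" name))
                                      status))
           when result
           collect (cons type result)))

(defun demo-prompt-text (host results)
  "Merge RESULTS into a single prompt for HOST, or return nil if empty.
Each message goes on its own line, so two messages never run together."
  (when results
    (format "Problems found for %s:\n%s"
            host
            (mapconcat (lambda (r) (concat "  * " (cdr r))) results "\n"))))

;; Constructed sample, shaped like a TLS status plist (values are made up).
(defconst demo-status
  '(:key-exchange "DHE-RSA"
    :cipher "ARCFOUR-128"
    :diffie-hellman-prime-bits 768))

(defun demo-report (level accepted)
  "Return the prompt text for `demo-status' at LEVEL, honoring ACCEPTED."
  (or (demo-prompt-text "example.invalid"
                        (demo-run-checks demo-status level accepted))
      "no problems found"))

(message "%s" (demo-report 'medium nil))
(message "%s" (demo-report 'high nil))
;; An exception the user saved earlier removes only that one finding.
(message "%s" (demo-report 'high '(:rc4-cipher)))
```

Evaluating the buffer prints one merged prompt per call; at `high` the plain DHE finding appears in addition to the short-prime finding because both table entries apply.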





Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


In-Reply-To: <CAKDRQS6kwsAQ-ptV2+aGvaq3pH0TztueR8E9OdzS7p9YjAqQqQ@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Sat, 30 Jun 2018 18:28:41 +0100
Message-ID: <CAKDRQS4LWyfDB8Ao3ECNzPt6LWEHSa9_FaK_yhPtuMLgVXbdQA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Lars Ingebrigtsen <larsi@HIDDEN>
Content-Type: multipart/mixed; boundary="000000000000e99d26056fdf4c89"
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

--000000000000e99d26056fdf4c89
Content-Type: text/plain; charset="UTF-8"

Here's the patch promised.

Summary of changes:

* 9 new checks added, some for securing Emacs builds with older GnuTLS
versions, some for bringing NSM checks to 2018.
* Individual checks are now suffixed by their cipher suite part. E.g.
dhe-kx for DHE key exchange, des-cipher for DES cipher, sha1-sig for
SHA1 signature.
* Protocol checks now return an error message instead of querying the
user directly.
* All protocol checks under the same network-security-level are
performed. All of the messages are then merged if any, and the user is
only prompted once after the protocol check for all problems found.
* nsm-query and nsm-query-user no longer take extra args to format
messages. Formatted messages are now provided directly by the
individual checks.
* Fix RC4 check where it was previously checking for non-existent RC4
cipher from GnuTLS. GnuTLS actually calls RC4 ARCFOUR.
* Removed sha1 check as it is already covered by the intermediate SHA1 checks.
* DHE check now checks for < 1024 bit prime for 'medium and usage of
DHE for 'high and above, in addition to prime bit length.

Possible improvements:

* Check for TLS compression. I haven't looked into how to do this with
GnuTLS' API yet, but we should probably do this because CRIME and
BREACH.
* Check for TLS 1.0 usage and protocol downgrades? Today happens to be
the deadline to migrate to TLS 1.1+ for PCI DSS compliance, but the
reason seems to be POODLE, BEAST, CRIME, BREACH and Heartbleed and
downgrade to SSL. Mitigations for some of these are already in
existing checks, others may be covered by a compression check. Maybe
we should be paranoid about this? Also, I'm not sure how to check for
protocol downgrades with GnuTLS' API.
* Write some unit tests....

I've manually tested this patch a bit, but please give this patch a
look and see if I've missed anything. I need all the feedback I can
get for this.

Jimmy

On Fri, Jun 29, 2018 at 6:25 AM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
> Correction:
>
> This is the actual cipher string I used
> "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256".
>
> All 3 browsers fail to connect.
>
> On Fri, Jun 29, 2018 at 6:21 AM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
>> Update:
>>
>> I just tried with this node.js script:
>>
>> #! /usr/bin/env node
>>
>> const https = require('https');
>> const fs = require('fs');
>>
>> const options = {
>>   key: fs.readFileSync('ryans-key.pem'),
>>   cert: fs.readFileSync('ryans-cert.pem'),
>>   ciphers: "DHE-RSA-AES128-GCM-SHA256"
>> };
>>
>> https.createServer(options, (req, res) => {
>>   res.writeHead(200);
>>   res.end('hello world\n');
>> }).listen(8000);
>>
>> Chrome gave me an ERR_SSL_VERSION_OR_CIPHER_MISMATCH, Firefox gave me a
>> SSL_ERROR_NO_CYPHER_OVERLAP, Safari just told me it can't establish a
>> connection.
>>
>> Conversely, changing DHE to ECDHE will at least show me the warning
>> screen for a self-signed cert, so I'm fairly certain now that these 3
>> browsers have removed DHE KX.
>>
>>
>> Heads up:
>>
>> I'm adding about 10 new checks into NSM ATM. Will send an early preview
>> patch here later today for feedback.
>>
>>
>> On Thu, Jun 28, 2018 at 7:15 PM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
>>> The Telemetry data[1] from Mozilla in bug report 1227519[2] suggests
>>> DHE usage is very low for HTTP. No data for any other protocol.
>>>
>>> I just used Wireshark on Chrome and Firefox on macOS, they all seem to
>>> advertise DH and DHE cipher suites in Client Hello for TLS 1.2, they
>>> even advertise CBC mode ciphers too. While I'm not sure about Firefox,
>>> surely Chrome has removed DHE_SHA KX and CBC modes according to
>>> ChromeStatus[3]?
>>>
>>>
>>> [1]: https://tlscanary.mozilla.org/runs/2018-01-25-01-21-44/
>>> [2]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
>>> [3]: https://www.chromestatus.com/features#tls
>>>
>>> On Thu, Jun 28, 2018 at 6:01 PM, Lars Ingebrigtsen <larsi@HIDDEN> wrote:
>>>> Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:
>>>>
>>>>>> I can't see that that web page mentions Diffie-Hellman at all?
>>>>>>
>>>>>
>>>>> Click on the individual browsers.
>>>>
>>>> I see.
>>>>
>>>>> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
>>>>> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
>>>>> it is supported, so do Chrome and Safari. I don't understand what's
>>>>> going on there. Could that list in the client test be static? Or that
>>>>> browsers still advertise their support for DHE_RSA when in fact they
>>>>> don't? Might have to get on a server and log out the TLS handshake to
>>>>> see what's actually going on...
>>>>>
>>>>> [1]: https://www.ssllabs.com/ssltest/clients.html
>>>>> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html
>>>>
>>>> My
>>>>
>>>> Chromium        66.0.3359.117 (Developer Build) built on Debian 9.4,
>>>> running on Debian 9.4 (64-bit)
>>>>
>>>> on the viewMyClient reports not supporting DHE-RSA.
>>>>
>>>> Confusing.  :-)
>>>>
>>>> I tried finding a web site that says how many sites do not support ECDHE
>>>> as key exchange, and only found something from 2014 that says that was
>>>> 60%...
>>>>
>>>> --
>>>> (domestic pets only, the antidote for overdose, milk.)
>>>>    bloggy blog: http://lars.ingebrigtsen.no

--000000000000e99d26056fdf4c89
Content-Type: application/octet-stream; 
	name="0001-Modern-protocol-checks-for-NSM.patch"
Content-Disposition: attachment; 
	filename="0001-Modern-protocol-checks-for-NSM.patch"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_jj1ncbuz0
--000000000000e99d26056fdf4c89--




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.
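
The check design summarised in the 30 Jun 2018 message above (each check returns a message instead of prompting, every check enabled at the current level runs, and the messages are merged into one prompt), as an added Emacs Lisp illustration that is not the attached patch. Every `demo-nsm-' name, the level assigned to the RC4 check, and the sample status plist are assumptions; only the plist keys follow `gnutls-peer-status'.

```elisp
;;; -*- lexical-binding: t; -*-
;; Added illustration, not code from the patch attached to the message.
;; Every `demo-nsm-' name is hypothetical.

(require 'seq)

(defconst demo-nsm-levels '(low medium high paranoid)
  "Security levels, least to most strict.")

(defun demo-nsm-check-dhe-prime-kx (status)
  "Return a warning if STATUS shows a DH prime shorter than 1024 bits."
  (let ((bits (plist-get status :diffie-hellman-prime-bits)))
    (when (and (integerp bits) (< bits 1024))
      (format "Diffie-Hellman prime is only %d bits (minimum 1024)" bits))))

(defun demo-nsm-check-rc4-cipher (status)
  "Return a warning if STATUS uses RC4, which GnuTLS reports as ARCFOUR."
  (let ((cipher (plist-get status :cipher)))
    (when (and (stringp cipher) (string-prefix-p "ARCFOUR" cipher))
      (format "RC4 cipher (%s) is in use" cipher))))

(defun demo-nsm-check-dhe-kx (status)
  "Return a warning if STATUS uses finite-field DHE key exchange at all."
  (let ((kx (plist-get status :key-exchange)))
    ;; Prefix match, so "ECDHE-RSA" is not flagged.
    (when (and (stringp kx) (string-prefix-p "DHE-" kx))
      (format "DHE key exchange (%s) is in use" kx))))

(defconst demo-nsm-checks
  '((medium demo-nsm-check-dhe-prime-kx demo-nsm-check-rc4-cipher)
    (high   demo-nsm-check-dhe-kx))
  "Alist of (LEVEL . CHECKS).  The level given to the RC4 check is assumed.")

(defun demo-nsm-collect-problems (status level)
  "Run every check enabled at LEVEL on STATUS; return the list of warnings.
Checks registered for a lower level also run at a higher one."
  (let ((rank (or (seq-position demo-nsm-levels level)
                  (error "Unknown security level: %S" level)))
        problems)
    (dolist (entry demo-nsm-checks)
      (when (<= (seq-position demo-nsm-levels (car entry)) rank)
        (dolist (check (cdr entry))
          (let ((msg (funcall check status)))
            (when msg (push msg problems))))))
    (nreverse problems)))

(defun demo-nsm-merged-warning (host status level)
  "Return one prompt string covering all problems on HOST, or nil if none.
The caller would show this string to the user exactly once."
  (let ((problems (demo-nsm-collect-problems status level)))
    (when problems
      (format "The TLS connection to %s is insecure:\n%s"
              host
              (mapconcat (lambda (p) (concat "  * " p)) problems "\n")))))

;; Constructed sample in the shape of a `gnutls-peer-status' result.
(defconst demo-nsm-sample-status
  '(:protocol "TLS1.2" :key-exchange "DHE-RSA" :cipher "ARCFOUR-128"
    :mac "SHA1" :diffie-hellman-prime-bits 768))

;; At `medium' the prime-length and RC4 checks fire; at `high' the
;; DHE-usage check is added, and all warnings still arrive in one string.
(demo-nsm-merged-warning "mail.example.org" demo-nsm-sample-status 'medium)
(demo-nsm-merged-warning "mail.example.org" demo-nsm-sample-status 'high)
```
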

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 29 Jun 2018 05:26:20 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Jun 29 01:26:20 2018
Received: from localhost ([127.0.0.1]:39166 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYlvD-0002t1-7w
	for submit <at> debbugs.gnu.org; Fri, 29 Jun 2018 01:26:20 -0400
Received: from mail-io0-f171.google.com ([209.85.223.171]:44940)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYlv8-0002sj-OU
 for 31946 <at> debbugs.gnu.org; Fri, 29 Jun 2018 01:26:14 -0400
Received: by mail-io0-f171.google.com with SMTP id q19-v6so20343ioh.11
 for <31946 <at> debbugs.gnu.org>; Thu, 28 Jun 2018 22:26:10 -0700 (PDT)
X-Received: by 2002:a5e:9812:: with SMTP id
 s18-v6mr10900181ioj.117.1530249965310; 
 Thu, 28 Jun 2018 22:26:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 22:25:44
 -0700 (PDT)
In-Reply-To: <CAKDRQS4mf3Ze6urA3iLVR91oeON47=BavBy+dsXW_wv_KOUPNQ@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
 <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
 <m3h8lmhmlf.fsf@HIDDEN>
 <CAKDRQS71J_bPMnSB77nPx_fYzAfgwqTVgNuCALBB3zVy_xv9JA@HIDDEN>
 <CAKDRQS4mf3Ze6urA3iLVR91oeON47=BavBy+dsXW_wv_KOUPNQ@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Fri, 29 Jun 2018 06:25:44 +0100
Message-ID: <CAKDRQS6kwsAQ-ptV2+aGvaq3pH0TztueR8E9OdzS7p9YjAqQqQ@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Lars Ingebrigtsen <larsi@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Correction:

This is the actual cipher string I used
"DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256".

All 3 browsers fail to connect.

On Fri, Jun 29, 2018 at 6:21 AM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
> Update:
>
> I just tried with this node.js script:
>
> #! /usr/bin/env node
>
> const https = require('https');
> const fs = require('fs');
>
> const options = {
>   key: fs.readFileSync('ryans-key.pem'),
>   cert: fs.readFileSync('ryans-cert.pem'),
>   ciphers: "DHE-RSA-AES128-GCM-SHA256"
> };
>
> https.createServer(options, (req, res) => {
>   res.writeHead(200);
>   res.end('hello world\n');
> }).listen(8000);
>
> Chrome gave me an ERR_SSL_VERSION_OR_CIPHER_MISMATCH, Firefox gave me a
> SSL_ERROR_NO_CYPHER_OVERLAP, Safari just told me it can't establish a
> connection.
>
> Conversely, changing DHE to ECDHE will at least show me the warning
> screen for a self-signed cert, so I'm fairly certain now that these 3
> browsers have removed DHE KX.
>
>
> Heads up:
>
> I'm adding about 10 new checks into NSM ATM. Will send an early preview
> patch here later today for feedback.
>
>
> On Thu, Jun 28, 2018 at 7:15 PM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
>> The Telemetry data[1] from Mozilla in bug report 1227519[2] suggests
>> DHE usage is very low for HTTP. No data for any other protocol.
>>
>> I just used Wireshark on Chrome and Firefox on macOS, they all seem to
>> advertise DH and DHE cipher suites in Client Hello for TLS 1.2, they
>> even advertise CBC mode ciphers too. While I'm not sure about Firefox,
>> surely Chrome has removed DHE_SHA KX and CBC modes according to
>> ChromeStatus[3]?
>>
>>
>> [1]: https://tlscanary.mozilla.org/runs/2018-01-25-01-21-44/
>> [2]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
>> [3]: https://www.chromestatus.com/features#tls
>>
>> On Thu, Jun 28, 2018 at 6:01 PM, Lars Ingebrigtsen <larsi@HIDDEN> wrote:
>>> Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:
>>>
>>>>> I can't see that that web page mentions Diffie-Hellman at all?
>>>>>
>>>>
>>>> Click on the individual browsers.
>>>
>>> I see.
>>>
>>>> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
>>>> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
>>>> it is supported, so do Chrome and Safari. I don't understand what's
>>>> going on there. Could that list in the client test be static? Or that
>>>> browsers still advertise their support for DHE_RSA when in fact they
>>>> don't? Might have to get on a server and log out the TLS handshake to
>>>> see what's actually going on...
>>>>
>>>> [1]: https://www.ssllabs.com/ssltest/clients.html
>>>> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html
>>>
>>> My
>>>
>>> Chromium        66.0.3359.117 (Developer Build) built on Debian 9.4,
>>> running on Debian 9.4 (64-bit)
>>>
>>> on the viewMyClient reports not supporting DHE-RSA.
>>>
>>> Confusing.  :-)
>>>
>>> I tried finding a web site that says how many sites do not support ECDHE
>>> as key exchange, and only found something from 2014 that says that was
>>> 60%...
>>>
>>> --
>>> (domestic pets only, the antidote for overdose, milk.)
>>>    bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 29 Jun 2018 05:22:15 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Jun 29 01:22:14 2018
Received: from localhost ([127.0.0.1]:39162 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYlrG-0002mk-Ay
	for submit <at> debbugs.gnu.org; Fri, 29 Jun 2018 01:22:14 -0400
Received: from mail-io0-f170.google.com ([209.85.223.170]:44697)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYlrB-0002m9-Fw
 for 31946 <at> debbugs.gnu.org; Fri, 29 Jun 2018 01:22:08 -0400
Received: by mail-io0-f170.google.com with SMTP id q19-v6so14053ioh.11
 for <31946 <at> debbugs.gnu.org>; Thu, 28 Jun 2018 22:22:05 -0700 (PDT)
X-Received: by 2002:a5e:9812:: with SMTP id
 s18-v6mr10892945ioj.117.1530249719520; 
 Thu, 28 Jun 2018 22:21:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 22:21:38
 -0700 (PDT)
In-Reply-To: <CAKDRQS71J_bPMnSB77nPx_fYzAfgwqTVgNuCALBB3zVy_xv9JA@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
 <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
 <m3h8lmhmlf.fsf@HIDDEN>
 <CAKDRQS71J_bPMnSB77nPx_fYzAfgwqTVgNuCALBB3zVy_xv9JA@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Fri, 29 Jun 2018 06:21:38 +0100
Message-ID: <CAKDRQS4mf3Ze6urA3iLVR91oeON47=BavBy+dsXW_wv_KOUPNQ@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Lars Ingebrigtsen <larsi@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Update:

I just tried with this node.js script:

#! /usr/bin/env node

const https = require('https');
const fs = require('fs');

const options = {
  key: fs.readFileSync('ryans-key.pem'),
  cert: fs.readFileSync('ryans-cert.pem'),
  ciphers: "DHE-RSA-AES128-GCM-SHA256"
};

https.createServer(options, (req, res) => {
  res.writeHead(200);
  res.end('hello world\n');
}).listen(8000);

Chrome gave me an ERR_SSL_VERSION_OR_CIPHER_MISMATCH, Firefox gave me a
SSL_ERROR_NO_CYPHER_OVERLAP, Safari just told me it can't establish a
connection.

Conversely, changing DHE to ECDHE will at least show me the warning
screen for a self-signed cert, so I'm fairly certain now that these 3
browsers have removed DHE KX.


Heads up:

I'm adding about 10 new checks into NSM ATM. Will send an early preview
patch here later today for feedback.


On Thu, Jun 28, 2018 at 7:15 PM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN> wrote:
> The Telemetry data[1] from Mozilla in bug report 1227519[2] suggests
> DHE usage is very low for HTTP. No data for any other protocol.
>
> I just used Wireshark on Chrome and Firefox on macOS, they all seem to
> advertise DH and DHE cipher suites in Client Hello for TLS 1.2, they
> even advertise CBC mode ciphers too. While I'm not sure about Firefox,
> surely Chrome has removed DHE_SHA KX and CBC modes according to
> ChromeStatus[3]?
>
>
> [1]: https://tlscanary.mozilla.org/runs/2018-01-25-01-21-44/
> [2]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
> [3]: https://www.chromestatus.com/features#tls
>
> On Thu, Jun 28, 2018 at 6:01 PM, Lars Ingebrigtsen <larsi@HIDDEN> wrote:
>> Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:
>>
>>>> I can't see that that web page mentions Diffie-Hellman at all?
>>>>
>>>
>>> Click on the individual browsers.
>>
>> I see.
>>
>>> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
>>> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
>>> it is supported, so do Chrome and Safari. I don't understand what's
>>> going on there. Could that list in the client test be static? Or that
>>> browsers still advertise their support for DHE_RSA when in fact they
>>> don't? Might have to get on a server and log out the TLS handshake to
>>> see what's actually going on...
>>>
>>> [1]: https://www.ssllabs.com/ssltest/clients.html
>>> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html
>>
>> My
>>
>> Chromium        66.0.3359.117 (Developer Build) built on Debian 9.4,
>> running on Debian 9.4 (64-bit)
>>
>> on the viewMyClient reports not supporting DHE-RSA.
>>
>> Confusing.  :-)
>>
>> I tried finding a web site that says how many sites do not support ECDHE
>> as key exchange, and only found something from 2014 that says that was
>> 60%...
>>
>> --
>> (domestic pets only, the antidote for overdose, milk.)
>>    bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 18:16:23 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 14:16:23 2018
Received: from localhost ([127.0.0.1]:38827 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYbSt-000731-1R
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 14:16:23 -0400
Received: from mail-io0-f175.google.com ([209.85.223.175]:36771)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYbSo-00072k-Jo
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 14:16:18 -0400
Received: by mail-io0-f175.google.com with SMTP id k3-v6so6116591iog.3
 for <31946 <at> debbugs.gnu.org>; Thu, 28 Jun 2018 11:16:14 -0700 (PDT)
X-Received: by 2002:a6b:2095:: with SMTP id
 g143-v6mr9205030iog.167.1530209769045; 
 Thu, 28 Jun 2018 11:16:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 11:15:48
 -0700 (PDT)
In-Reply-To: <m3h8lmhmlf.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
 <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
 <m3h8lmhmlf.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Thu, 28 Jun 2018 19:15:48 +0100
Message-ID: <CAKDRQS71J_bPMnSB77nPx_fYzAfgwqTVgNuCALBB3zVy_xv9JA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Lars Ingebrigtsen <larsi@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

The Telemetry data[1] from Mozilla in bug report 1227519[2] suggests
DHE usage is very low for HTTP. No data for any other protocol.

I just used Wireshark on Chrome and Firefox on macOS, they all seem to
advertise DH and DHE cipher suites in Client Hello for TLS 1.2, they
even advertise CBC mode ciphers too. While I'm not sure about Firefox,
surely Chrome has removed DHE_SHA KX and CBC modes according to
ChromeStatus[3]?


[1]: https://tlscanary.mozilla.org/runs/2018-01-25-01-21-44/
[2]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
[3]: https://www.chromestatus.com/features#tls

On Thu, Jun 28, 2018 at 6:01 PM, Lars Ingebrigtsen <larsi@HIDDEN> wrote:
> Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:
>
>>> I can't see that that web page mentions Diffie-Hellman at all?
>>>
>>
>> Click on the individual browsers.
>
> I see.
>
>> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
>> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
>> it is supported, so do Chrome and Safari. I don't understand what's
>> going on there. Could that list in the client test be static? Or that
>> browsers still advertise their support for DHE_RSA when in fact they
>> don't? Might have to get on a server and log out the TLS handshake to
>> see what's actually going on...
>>
>> [1]: https://www.ssllabs.com/ssltest/clients.html
>> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html
>
> My
>
> Chromium        66.0.3359.117 (Developer Build) built on Debian 9.4,
> running on Debian 9.4 (64-bit)
>
> on the viewMyClient reports not supporting DHE-RSA.
>
> Confusing.  :-)
>
> I tried finding a web site that says how many sites do not support ECDHE
> as key exchange, and only found something from 2014 that says that was
> 60%...
>
> --
> (domestic pets only, the antidote for overdose, milk.)
>    bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 17:01:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 13:01:25 2018
Received: from localhost ([127.0.0.1]:38809 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYaIO-0005Lf-Uj
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 13:01:25 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:53125)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1fYaIN-0005LR-2S
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 13:01:24 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>)
 id 1fYaIH-0008KO-0L; Thu, 28 Jun 2018 19:01:20 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
 <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
Date: Thu, 28 Jun 2018 19:01:16 +0200
In-Reply-To: <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Thu, 28 Jun 2018 17:42:00 +0100")
Message-ID: <m3h8lmhmlf.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

>> I can't see that that web page mentions Diffie-Hellman at all?
>>
>
> Click on the individual browsers.

I see.

> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
> it is supported, so do Chrome and Safari. I don't understand what's
> going on there. Could that list in the client test be static? Or that
> browsers still advertise their support for DHE_RSA when in fact they
> don't? Might have to get on a server and log out the TLS handshake to
> see what's actually going on...
>
> [1]: https://www.ssllabs.com/ssltest/clients.html
> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html

My 

Chromium	66.0.3359.117 (Developer Build) built on Debian 9.4,
running on Debian 9.4 (64-bit)

on the viewMyClient reports not supporting DHE-RSA.

Confusing.  :-)

I tried finding a web site that says how many sites do not support ECDHE
as key exchange, and only found something from 2014 that says that was
60%...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 16:42:28 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 12:42:28 2018
Received: from localhost ([127.0.0.1]:38801 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYa04-0004tx-Jt
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:42:28 -0400
Received: from mail-io0-f175.google.com ([209.85.223.175]:33237)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYa03-0004tk-8U
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:42:27 -0400
Received: by mail-io0-f175.google.com with SMTP id d185-v6so5859977ioe.0
 for <31946 <at> debbugs.gnu.org>; Thu, 28 Jun 2018 09:42:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 09:42:00
 -0700 (PDT)
In-Reply-To: <m3lgayhop3.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 <m3lgayhop3.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Thu, 28 Jun 2018 17:42:00 +0100
Message-ID: <CAKDRQS5KOq7RsL1jfJvHk7apKQ3noscfK1r74A7pVQXcFErUxw@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Lars Ingebrigtsen <larsi@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

> I can't see that that web page mentions Diffie-Hellman at all?
>

Click on the individual browsers.

> And Firefox in Debian Stable certainly supports Diffie-Hellman.
>

Firefox on Debian is Firefox 52 ESR, it's 9 versions behind current.
Firefox 60 ESR is in the experimental section.

SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
DHE_RSA in the UA capabilities page[1], but client test[2] still shows
it is supported, so does Chrome and Safari. I don't understand what's
going on there. Could that list in client test be static? Or that
browsers still advertise their support for DHE_RSA when in fact they
don't? Might have to get on a server and log out the TLS handshake to
see what's actually going on...

[1]: https://www.ssllabs.com/ssltest/clients.html
[2]: https://www.ssllabs.com/ssltest/viewMyClient.html




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 16:15:58 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 12:15:57 2018
Received: from localhost ([127.0.0.1]:38776 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYZaP-0004FU-Mj
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:15:57 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:52626)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1fYZaO-0004FI-2m
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:15:56 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>)
 id 1fYZaK-0006y1-RM; Thu, 28 Jun 2018 18:15:54 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
 <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
Date: Thu, 28 Jun 2018 18:15:52 +0200
In-Reply-To: <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Thu, 28 Jun 2018 16:58:51 +0100")
Message-ID: <m3lgayhop3.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> A bit more update from my research, the authoritative list of browser
> capabilities is actually https://www.ssllabs.com/ssltest/clients.html
> . We can see that only IE and Opera still support DHE_RSA KX, and
> these browsers don't matter as game changers.

(For those who don't read Encryption Acronym Soup, that means
"Diffie-Hellman (Ephemeral) key exchange".)

I can't see that that web page mentions Diffie-Hellman at all?

And Firefox in Debian Stable certainly supports Diffie-Hellman.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 16:10:57 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 12:10:57 2018
Received: from localhost ([127.0.0.1]:38772 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYZVZ-00047Z-2V
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:10:57 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:52576)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1fYZVV-00047O-P5
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 12:10:54 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>)
 id 1fYZVR-0000MY-Sy; Thu, 28 Jun 2018 18:10:52 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <m3lgb0mo0a.fsf@HIDDEN> <m3bmbwmnen.fsf@HIDDEN>
 <836024qmyv.fsf@HIDDEN>
Date: Thu, 28 Jun 2018 18:10:49 +0200
In-Reply-To: <836024qmyv.fsf@HIDDEN> (Eli Zaretskii's message of "Wed, 27 Jun
 2018 18:16:08 +0300")
Message-ID: <m3po0ahoxi.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: 31946 <at> debbugs.gnu.org, wyuenho@HIDDEN, npostavs@HIDDEN

Eli Zaretskii <eliz@HIDDEN> writes:

>> (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)
>> 
>> a short way to write the above.  I.e., the default TLS parameters (which
>> is what you need in 99.9% of the cases) would be used if you just say
>> :tls t.
>> 
>> Does that sound OK to you, Eli?
>
> Sounds good, but does it really require a new property?  Why not a
> special value of the existing :tls-parameters?  For example:
>
>   (open-network-stream "foo" nil "dh-composite.badssl.com" "https"
>                        :tls-parameters 'tls-defaults)

Yes, that would work, too.

But I think (considering the semantics and discoverability of the
interface), that a separate :tls parameter would be nice.  If the user
wonders "how do I make this connection encrypted?  Ah, :tls t".  It
seems like a logical interface.

For instance in constructions like

(open-network-stream ... :tls (and foo bar))

it seems more idiomatic. 

While :tls-parameters 'tls-defaults is something that seems less natural
to me.  :tls t :tls-parameters ... for the extremely, extremely few that
need to specify the parameters explicitly doesn't seem like a huge
imposition, either...

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 15:59:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 28 11:59:19 2018
Received: from localhost ([127.0.0.1]:38766 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYZKI-0003oh-Se
	for submit <at> debbugs.gnu.org; Thu, 28 Jun 2018 11:59:19 -0400
Received: from mail-it0-f43.google.com ([209.85.214.43]:35856)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYZKH-0003oU-Go
 for 31946 <at> debbugs.gnu.org; Thu, 28 Jun 2018 11:59:17 -0400
Received: by mail-it0-f43.google.com with SMTP id j135-v6so13281273itj.1
 for <31946 <at> debbugs.gnu.org>; Thu, 28 Jun 2018 08:59:17 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 08:58:51
 -0700 (PDT)
In-Reply-To: <87tvpnojgt.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <87tvpnojgt.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Thu, 28 Jun 2018 16:58:51 +0100
Message-ID: <CAKDRQS59U_itWd7E4FNi4g_QGp5qWWciqOS0-yd26Z-AkK6jZA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Noam Postavsky <npostavs@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Lars Ingebrigtsen <larsi@HIDDEN>

>
> So, the client side can't be patched, and the server side doesn't really
> need to be patched (just leave the "reuse ephemeral key" option turned
> off).
>

He's talking about GnuTLS servers, nobody uses GnuTLS on the
server-side, also GnuTLS' implementation of RFC 7919 doesn't seem to
be in 3.5.x branch.

A bit more update from my research, the authoritative list of browser
capabilities is actually https://www.ssllabs.com/ssltest/clients.html
. We can see that only IE and Opera still support DHE_RSA KX, and
these browsers don't matter as game changers.

Unless we plan to require GnuTLS 3.6+, we'll definitely need to warn
in the 'medium level. This is a super simple check.

> Furthermore, it seems gnutls has added support for standardized primes,
> so that pretty much resolves the issue as much as it can be:
>

WRT RFC 7919, IMO, it is dead on arrival, even when it is approved.
With DHE based ciphers removed in browsers, the only real options are
TLS 1.2/1.3 with ECDHE KX, and fall back to TLS 1.2 with RSA KX.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 28 Jun 2018 00:14:54 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Jun 27 20:14:54 2018
Received: from localhost ([127.0.0.1]:38000 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYKaM-0001KZ-1a
	for submit <at> debbugs.gnu.org; Wed, 27 Jun 2018 20:14:54 -0400
Received: from mail-it0-f53.google.com ([209.85.214.53]:37515)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <npostavs@HIDDEN>) id 1fYKaJ-0001KJ-Gj
 for 31946 <at> debbugs.gnu.org; Wed, 27 Jun 2018 20:14:52 -0400
Received: by mail-it0-f53.google.com with SMTP id p17-v6so5037287itc.2
 for <31946 <at> debbugs.gnu.org>; Wed, 27 Jun 2018 17:14:51 -0700 (PDT)
Received: from zebian (cbl-45-2-119-34.yyz.frontiernetworks.ca. [45.2.119.34])
 by smtp.googlemail.com with ESMTPSA id
 62-v6sm3139209ity.37.2018.06.27.17.14.43
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Wed, 27 Jun 2018 17:14:45 -0700 (PDT)
From: Noam Postavsky <npostavs@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
Date: Wed, 27 Jun 2018 20:14:42 -0400
In-Reply-To: <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Wed, 27 Jun 2018 06:09:25 +0100")
Message-ID: <87tvpnojgt.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Lars Ingebrigtsen <larsi@HIDDEN>

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> Tidbit: The GnuTLS basically ignored a group of Adobe researchers when they
> reported to them GnuTLS was susceptible to the small group
> attack[7]...

> [7]: https://eprint.iacr.org/2016/995.pdf

I guess the report is here (the reporter, Luke Valenta, is the first
author of the paper): https://gitlab.com/gnutls/gnutls/issues/104

The paper just says "didn't patch", but looking in the details of the
report, Luke says:

    From a client's perspective, the TLS protocol limitation does
    prevent "q" from being specified. However, since a server knows the
    value of "q", it should perform proper subgroup validation checks
    as a precaution against small subgroup attacks[...]

    I agree that since the server does not reuse ephemeral DH keys, it
    is not currently vulnerable to a small subgroup attack.

So, the client side can't be patched, and the server side doesn't really
need to be patched (just leave the "reuse ephemeral key" option turned
off).

Furthermore, it seems gnutls has added support for standardized primes,
so that pretty much resolves the issue as much as it can be:

https://gitlab.com/gnutls/gnutls/merge_requests/437
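
The subgroup validation that the quoted report asks of a server that knows q, next to what a TLS 1.2 client can check when ServerKeyExchange gives it only p, g and the server's public value, as an added Python example that is not part of the original message, GnuTLS or Emacs. All numbers are small constructed samples and every function name is hypothetical.

```python
"""Diffie-Hellman parameter checks: group sanity and subgroup membership.

Added illustration with toy-sized, constructed numbers; real groups are
2048 bits or larger.
"""

_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

# Constructed sample group: p - 1 = 2 * 3 * 101, so next to the intended
# subgroup of prime order q = 101 there are subgroups of order 2, 3 and 6.
P_TOY, Q_TOY = 607, 101
G_TOY = 64                 # 2**6 % 607, generates the order-101 subgroup
ORDER3_TOY = 396           # 396**3 % 607 == 1, so it has order 3
P_SAFE = 2039              # constructed safe prime: (2039 - 1) // 2 = 1019 is prime
P_COMPOSITE = 607 * 2039   # constructed non-prime modulus


def is_probable_prime(n):
    """Miller-Rabin with fixed bases (exact for the toy sizes used here,
    probabilistic for very large n)."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def classify_group(p):
    """Classify a DH modulus using nothing but p itself."""
    if not is_probable_prime(p):
        return "composite"
    if is_probable_prime((p - 1) // 2):
        return "safe-prime"          # p = 2q + 1, as in the RFC 7919 groups
    return "prime-unknown-order"     # p - 1 may have small factors


def validate_peer_public(y, p, q=None):
    """Validate a peer's public value y.

    With q known (the server's situation in the quoted report) this is the
    full subgroup check y**q == 1 (mod p).  Without q only the range check
    is possible, which excludes the elements of order 1 and 2 and nothing else.
    """
    if not 2 <= y <= p - 2:
        return "reject-range"
    if q is None:
        return "ok-range-only"
    return "ok-subgroup" if pow(y, q, p) == 1 else "reject-subgroup"


def client_assessment(p, g, y):
    """What a client can conclude from (p, g, Ys) alone, since q is not sent."""
    group = classify_group(p)
    if group == "composite":
        return "warn: modulus is not prime"
    if validate_peer_public(g, p) == "reject-range":
        return "warn: degenerate generator"
    if validate_peer_public(y, p) == "reject-range":
        return "warn: degenerate public value"
    if group == "safe-prime":
        # Every value in 2..p-2 has order q or 2q, so no small subgroup is left.
        return "ok: safe prime"
    return "warn: subgroup order unknown to client"


if __name__ == "__main__":
    honest = pow(G_TOY, 5, P_TOY)    # a public value from the order-101 subgroup
    print("server, q known, honest value :", validate_peer_public(honest, P_TOY, Q_TOY))
    print("server, q known, order-3 value:", validate_peer_public(ORDER3_TOY, P_TOY, Q_TOY))
    print("same value, q not known       :", validate_peer_public(ORDER3_TOY, P_TOY))
    for label, p in (("toy prime", P_TOY), ("safe prime", P_SAFE),
                     ("composite", P_COMPOSITE)):
        print(f"client, {label:10}:", client_assessment(p, 2, 5))
```
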




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 27 Jun 2018 16:40:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Jun 27 12:40:51 2018
Received: from localhost ([127.0.0.1]:37836 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fYDUu-0003Pp-Bv
	for submit <at> debbugs.gnu.org; Wed, 27 Jun 2018 12:40:51 -0400
Received: from mail-it0-f43.google.com ([209.85.214.43]:38454)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fYDUp-0003PZ-Vw
 for 31946 <at> debbugs.gnu.org; Wed, 27 Jun 2018 12:40:47 -0400
Received: by mail-it0-f43.google.com with SMTP id v83-v6so8365762itc.3
 for <31946 <at> debbugs.gnu.org>; Wed, 27 Jun 2018 09:40:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Wed, 27 Jun 2018 09:40:17
 -0700 (PDT)
In-Reply-To: <836024qmyv.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <m3lgb0mo0a.fsf@HIDDEN> <m3bmbwmnen.fsf@HIDDEN> <836024qmyv.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Wed, 27 Jun 2018 17:40:17 +0100
Message-ID: <CAKDRQS5F-ievTNO6UM-YAHp3nZr8J==qEyXtyW9vj-PDfC-4aA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Eli Zaretskii <eliz@HIDDEN>
Content-Type: multipart/alternative; boundary="00000000000049b94f056fa24635"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

--00000000000049b94f056fa24635
Content-Type: text/plain; charset="UTF-8"

I've been reading a bit more on recent cipher and key exchange negotiation
changes, it appears that the reason 3des "fail" on modern browsers is the
same reason they "fail" dh-small-subgroup and dh-composite. They are not
actually failing if the negotiated KX algo is ECDHE.

As a good measure, I think we should also offer in the high profile, checks
for RSA KX and CBC mode ciphers. They are all marked as weak by modern
browsers. There are apparently enterprise middlewares that decrypt RSA KX
for monitoring. CBC is weak and should also be checked in the high profile
because of BEAST and POODLE (high because of compatibility).

On Wed, Jun 27, 2018 at 4:16 PM, Eli Zaretskii <eliz@HIDDEN> wrote:

> > From: Lars Ingebrigtsen <larsi@HIDDEN>
> > Cc: 31946 <at> debbugs.gnu.org,  Noam Postavsky <npostavs@HIDDEN>, Eli Zaretskii <eliz@HIDDEN>
> > Date: Wed, 27 Jun 2018 14:20:16 +0200
> >
> > Speaking of which -- it's quite a mouthful to say:
> >
> > (open-network-stream
> >  "foo" nil "dh-composite.badssl.com" "https"
> >  :tls-parameters (cons 'gnutls-x509pki (gnutls-boot-parameters
> >                                         :hostname "dh-composite.badssl.com")))
> >
> > I've been meaning to add a :tls keyword to `open-network-stream' that
> > would make
> >
> > (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)
> >
> > a short way to write the above.  I.e., the default TLS parameters (which
> > is what you need in 99.9% of the cases) would be used if you just say
> > :tls t.
> >
> > Does that sound OK to you, Eli?
>
> Sounds good, but does it really require a new property?  Why not a
> special value of the existing :tls-parameters?  For example:
>
>   (open-network-stream "foo" nil "dh-composite.badssl.com" "https"
>                        :tls-parameters 'tls-defaults)
>

--00000000000049b94f056fa24635--





Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 27 Jun 2018 15:16:33 +0000
Date: Wed, 27 Jun 2018 18:16:08 +0300
Message-Id: <836024qmyv.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
In-reply-to: <m3bmbwmnen.fsf@HIDDEN> (message from Lars Ingebrigtsen on Wed, 
 27 Jun 2018 14:20:16 +0200)
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <m3lgb0mo0a.fsf@HIDDEN> <m3bmbwmnen.fsf@HIDDEN>
Cc: 31946 <at> debbugs.gnu.org, wyuenho@HIDDEN, npostavs@HIDDEN

> From: Lars Ingebrigtsen <larsi@HIDDEN>
> Cc: 31946 <at> debbugs.gnu.org,  Noam Postavsky <npostavs@HIDDEN>, Eli Zaretskii <eliz@HIDDEN>
> Date: Wed, 27 Jun 2018 14:20:16 +0200
> 
> Speaking of which -- it's quite a mouthful to say:
> 
> (open-network-stream
>  "foo" nil "dh-composite.badssl.com" "https"
>  :tls-parameters (cons 'gnutls-x509pki (gnutls-boot-parameters
>                                         :hostname "dh-composite.badssl.com")))
> 
> I've been meaning to add a :tls keyword to `open-network-stream' that
> would make
> 
> (open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)
> 
> a short way to write the above.  I.e., the default TLS parameters (which
> is what you need in 99.9% of the cases) would be used if you just say
> :tls t.
> 
> Does that sound OK to you, Eli?

Sounds good, but does it really require a new property?  Why not a
special value of the existing :tls-parameters?  For example:

  (open-network-stream "foo" nil "dh-composite.badssl.com" "https"
                       :tls-parameters 'tls-defaults)





Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 27 Jun 2018 12:20:29 +0000
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 <m3lgb0mo0a.fsf@HIDDEN>
Date: Wed, 27 Jun 2018 14:20:16 +0200
In-Reply-To: <m3lgb0mo0a.fsf@HIDDEN> (Lars Ingebrigtsen's message of "Wed,
 27 Jun 2018 14:07:17 +0200")
Message-ID: <m3bmbwmnen.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> To get the connection parameters, say something like:
>
> (gnutls-peer-status (open-network-stream "foo" nil
> "dh-composite.badssl.com" "https" :tls-parameters (cons
> 'gnutls-x509pki (gnutls-boot-parameters :hostname
> "dh-composite.badssl.com"))))

Speaking of which -- it's quite a mouthful to say:

(open-network-stream
 "foo" nil "dh-composite.badssl.com" "https"
 :tls-parameters (cons 'gnutls-x509pki (gnutls-boot-parameters
                                        :hostname "dh-composite.badssl.com")))

I've been meaning to add a :tls keyword to `open-network-stream' that
would make

(open-network-stream "foo" nil "dh-composite.badssl.com" "https" :tls t)

a short way to write the above.  I.e., the default TLS parameters (which
is what you need in 99.9% of the cases) would be used if you just say
:tls t.

Does that sound OK to you, Eli?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 27 Jun 2018 12:07:24 +0000
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
 <87y3f1njku.fsf@HIDDEN>
 <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
Date: Wed, 27 Jun 2018 14:07:17 +0200
In-Reply-To: <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Wed, 27 Jun 2018 06:09:25 +0100")
Message-ID: <m3lgb0mo0a.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Noam Postavsky <npostavs@HIDDEN>

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> `(setq gnutls-log-level 999)` in Emacs currently doesn't tell me what
> KX algo was used, it just tells me AES-256-GCM was negotiated as a
> cipher. However,

To get the connection parameters, say something like:

(gnutls-peer-status
 (open-network-stream
  "foo" nil "dh-composite.badssl.com" "https"
  :tls-parameters (cons 'gnutls-x509pki
                        (gnutls-boot-parameters
                         :hostname "dh-composite.badssl.com"))))

=>

(:certificates
 ((:version 3
   :serial-number "01:f2:02:03:1d:fd:a9:8e:fd:ff:0f:72:be:51:06:0d"
   :issuer "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA"
   :valid-from "2017-03-18"
   :valid-to "2020-03-25"
   :subject "C=US,ST=California,L=Walnut Creek,O=Lucas Garron,CN=*.badssl.com"
   :public-key-algorithm "RSA"
   :certificate-security-level "Medium"
   :signature-algorithm "RSA-SHA256"
   :public-key-id "sha1:79:65:df:c9:3c:6a:e6:fe:83:81:ec:48:22:16:ec:44:ef:47:28:2a"
   :certificate-id "sha1:ca:53:08:74:6c:1e:06:44:d6:3a:f6:1b:f5:81:c7:2a:f9:0c:70:95")
  (:version 3
   :serial-number "01:fd:a3:eb:6e:ca:75:c8:88:43:8b:72:4b:cf:bc:91"
   :issuer "C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert Global Root CA"
   :valid-from "2013-03-08"
   :valid-to "2023-03-08"
   :subject "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA"
   :public-key-algorithm "RSA"
   :certificate-security-level "Medium"
   :signature-algorithm "RSA-SHA256"
   :public-key-id "sha1:51:bc:4f:77:17:08:cf:e5:09:dd:e9:ea:a5:54:8e:91:c0:67:78:53"
   :certificate-id "sha1:1f:b8:6b:11:68:ec:74:31:54:06:2e:8c:9c:c5:b1:71:a4:b7:cc:b4"))
 :certificate
 (:version 3
  :serial-number "01:f2:02:03:1d:fd:a9:8e:fd:ff:0f:72:be:51:06:0d"
  :issuer "C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA"
  :valid-from "2017-03-18"
  :valid-to "2020-03-25"
  :subject "C=US,ST=California,L=Walnut Creek,O=Lucas Garron,CN=*.badssl.com"
  :public-key-algorithm "RSA"
  :certificate-security-level "Medium"
  :signature-algorithm "RSA-SHA256"
  :public-key-id "sha1:79:65:df:c9:3c:6a:e6:fe:83:81:ec:48:22:16:ec:44:ef:47:28:2a"
  :certificate-id "sha1:ca:53:08:74:6c:1e:06:44:d6:3a:f6:1b:f5:81:c7:2a:f9:0c:70:95")
 :diffie-hellman-prime-bits 2047
 :key-exchange "DHE-RSA"
 :protocol "TLS1.2"
 :cipher "AES-128-GCM"
 :mac "AEAD")


-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
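
The plist returned above carries everything needed for the checks proposed in this thread (finite-field DHE, DH prime size, RSA key exchange, CBC-mode ciphers). The following Emacs Lisp is an added example, not code from Emacs, NSM or any participant: the `my-tls-` names are hypothetical, the first sample reuses the session fields from the output above, the other two samples are constructed, and the key-exchange and cipher names are assumed to follow the GnuTLS spelling seen in that output.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example: hypothetical helpers, not part of Emacs, NSM or GnuTLS.

(require 'gnutls)

(defconst my-tls-min-dh-prime-bits 2048
  "Minimum accepted DH prime size in bits.
2048 is the smallest standardized group size mentioned in the thread.")

(defun my-tls-peer-status-warnings (status)
  "Return a list of warning strings for the TLS session described by STATUS.
STATUS is a plist shaped like the `gnutls-peer-status' output quoted above."
  (let ((kx     (plist-get status :key-exchange))
        (bits   (plist-get status :diffie-hellman-prime-bits))
        (cipher (plist-get status :cipher))
        (warnings '()))
    (when (stringp kx)
      ;; Finite-field DHE only: "DHE-RSA" matches, "ECDHE-RSA" does not.
      ;; A client cannot cheaply verify an arbitrary server-chosen group,
      ;; so the key exchange itself is reported.
      (when (string-prefix-p "DHE" kx)
        (push (format "finite-field DHE key exchange (%s): group cannot be verified by the client" kx)
              warnings)
        ;; The prime size is the one property that can be checked directly.
        (when (and (integerp bits) (< bits my-tls-min-dh-prime-bits))
          (push (format "DH prime is %d bits, below the %d-bit minimum"
                        bits my-tls-min-dh-prime-bits)
                warnings)))
      ;; Static RSA key transport gives no forward secrecy.
      (when (equal kx "RSA")
        (push "RSA key exchange: no forward secrecy" warnings)))
    ;; CBC-mode suites (BEAST and POODLE are the attacks named in the thread).
    (when (and (stringp cipher) (string-match-p "CBC" cipher))
      (push (format "CBC-mode cipher (%s)" cipher) warnings))
    (nreverse warnings)))

(defconst my-tls-sample-statuses
  '(;; Session fields copied from the dh-composite output above.
    ("dh-composite output"
     :diffie-hellman-prime-bits 2047 :key-exchange "DHE-RSA"
     :protocol "TLS1.2" :cipher "AES-128-GCM" :mac "AEAD")
    ;; Constructed sample: ECDHE with an AEAD cipher.
    ("constructed ECDHE/GCM session"
     :key-exchange "ECDHE-RSA"
     :protocol "TLS1.2" :cipher "AES-128-GCM" :mac "AEAD")
    ;; Constructed sample: static RSA key exchange with a CBC cipher.
    ("constructed RSA/CBC session"
     :key-exchange "RSA"
     :protocol "TLS1.2" :cipher "AES-256-CBC" :mac "SHA1"))
  "Offline sample inputs, each of the form (LABEL . STATUS-PLIST).")

(defun my-tls-report-samples ()
  "Return an alist of (LABEL . WARNINGS) for `my-tls-sample-statuses'."
  (mapcar (lambda (entry)
            (cons (car entry)
                  (my-tls-peer-status-warnings (cdr entry))))
          my-tls-sample-statuses))

(defun my-tls-check-host (host)
  "Connect to HOST over TLS and return its warnings.
Uses the same `open-network-stream' form as the message above."
  (let ((proc (open-network-stream
               "my-tls-check" nil host "https"
               :tls-parameters (cons 'gnutls-x509pki
                                     (gnutls-boot-parameters
                                      :hostname host)))))
    (unwind-protect
        (my-tls-peer-status-warnings (gnutls-peer-status proc))
      (delete-process proc))))
```

Evaluating `(my-tls-report-samples)` runs offline; for the dh-composite fields the 2047-bit prime trips the size check in addition to the DHE warning, while the ECDHE sample produces no warnings.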





Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 27 Jun 2018 05:10:06 +0000
In-Reply-To: <87y3f1njku.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN> <87y3f1njku.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Wed, 27 Jun 2018 06:09:25 +0100
Message-ID: <CAKDRQS4MnAJfwxtQoss5vFikpwyzt-7tG3Ghkc+whSdsP9C2cA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Noam Postavsky <npostavs@HIDDEN>
Content-Type: multipart/alternative; boundary="000000000000919ecc056f989fdc"
Cc: Eli Zaretskii <eliz@HIDDEN>, 31946 <at> debbugs.gnu.org,
 Lars Ingebrigtsen <larsi@HIDDEN>

--000000000000919ecc056f989fdc
Content-Type: text/plain; charset="UTF-8"

On Wed, Jun 27, 2018 at 1:45 AM, Noam Postavsky <npostavs@HIDDEN> wrote:

> Eli Zaretskii <eliz@HIDDEN> writes:
>
> >> From: Lars Ingebrigtsen <larsi@HIDDEN>
> >> Date: Tue, 26 Jun 2018 11:27:34 +0200
> >> Cc: 31946 <at> debbugs.gnu.org, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
> >>
> >> We could get in touch with the gnutls maintainer and ask for his input
> >> and perhaps ask for API endpoints to allow us to check for these things?
> >
> > Yes, I think that's the right way for moving forward.
>
> By the way, I've researched this a bit more, it seems like there is no
> practical way to detect small subgroups at all, the only solution is to
> move to standardized domains (the smallest of which is 2048 bits)
> similar to how ECDHE uses standard curves.  This also solves the
> composite prime problem, which is likely too expensive to check as well.
>
> https://tools.ietf.org/html/rfc7919:
>
>    Additionally, the DH parameters selected by the server may have a
>    known structure that renders them secure against a small subgroup
>    attack, but a client receiving an arbitrary p and g has no efficient
>    way to verify that the structure of a new group is reasonable for
>    use.
>

According to Dorey et al. [1], the RFC you've linked is one of the 4
strategies she proposed, and the most feasible in 2016 but still
computationally expensive.

Another strategy involves disabling DHE, which she didn't really like as
that will be TLS 1.3's only fallback, but Safari[2], Chrome[3] have since
removed them, and Firefox[4] is on the verge, so I think this option is
also viable for Emacs. Just need to pick out the appropriate DHE ciphers
and add a - for every one of them in the constructed priority string in
`gnutls-boot`.

As to why these browsers are still "failing" the dh-small-subgroup and
dh-composite tests, the negotiated ciphersuite on both Chrome and Firefox
is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, so the effects of the small
subgroup attack are basically mitigated (if I understand the papers
correctly).

`(setq gnutls-log-level 999)` in Emacs currently doesn't tell me what KX
algo was used, it just tells me AES-256-GCM was negotiated as a cipher.
However,

`$ gnutls-cli -V --x509cafile /opt/local/etc/openssl/cert.pem -p 443 dh-small-subgroup.badssl.com`

gives me

- Status: The certificate is trusted.
- Description: (TLS1.2)-(DHE-RSA-2048)-(AES-128-GCM)
- Session ID: ...
- Ephemeral Diffie-Hellman parameters
 - Using prime: 2048 bits
 - Secret key: 507 bits
 - Peer's public key: 2048 bits
 - PKCS#3 format:

-----BEGIN DH PARAMETERS-----
...
-----END DH PARAMETERS-----

- Version: TLS1.2
- Key Exchange: DHE-RSA
- Server Signature: RSA-SHA512
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Channel binding 'tls-unique': ...
- Handshake was completed

This is just plain... weird. It's TLS_DHE_RSA_AES_128_GCM_SHA512 with a
2048-bit prime, and it's nowhere to be found in browsers' ciphersuites.
Although, TLS_DHE_RSA_AES_128_GCM_SHA256 does still exist on browsers,
and does offer perfect forward secrecy according to SSLLabs[5], but it's
fairly low in their preferences.

So.... this looks o...kay if you cut out the signature algorithm? Someone
should double-check this.

Alternatively, we can wait for widespread adoption of TLS 1.3 (Cloudflare
predicts 50% of TLS connections will be 1.3 by the end of this year[6]),
time fixes everything...

Tidbit: The GnuTLS basically ignored a group of Adobe researchers when they
reported to them GnuTLS was susceptible to the small group attack[7]...

[1]: https://eprint.iacr.org/2016/999.pdf
[2]: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/AAdv838-koo
[3]: https://www.chromestatus.com/feature/5128908798164992
[4]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
[5]: https://www.ssllabs.com/ssltest/viewMyClient.html
[6]: https://blog.cloudflare.com/our-predictions-for-2018/
[7]: https://eprint.iacr.org/2016/995.pdf

--000000000000919ecc056f989fdc--




Message received at 31946 <at> debbugs.gnu.org:

From: Noam Postavsky <npostavs@HIDDEN>
To: Eli Zaretskii <eliz@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN> <83in65r4n9.fsf@HIDDEN>
Date: Tue, 26 Jun 2018 20:45:21 -0400
In-Reply-To: <83in65r4n9.fsf@HIDDEN> (Eli Zaretskii's message of "Tue, 26 Jun
 2018 17:42:02 +0300")
Message-ID: <87y3f1njku.fsf@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org,
 wyuenho@HIDDEN

Eli Zaretskii <eliz@HIDDEN> writes:

>> From: Lars Ingebrigtsen <larsi@HIDDEN>
>> Date: Tue, 26 Jun 2018 11:27:34 +0200
>> Cc: 31946 <at> debbugs.gnu.org, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
>> 
>> We could get in touch with the gnutls maintainer and ask for his input
>> and perhaps ask for API endpoints to allow us to check for these things?
>
> Yes, I think that's the right way for moving forward.

By the way, I've researched this a bit more, it seems like there is no
practical way to detect small subgroups at all, the only solution is to
move to standardized domains (the smallest of which is 2048 bits)
similar to how ECDHE uses standard curves.  This also solves the
composite prime problem, which is likely too expensive to check as well.

https://tools.ietf.org/html/rfc7919:

   Additionally, the DH parameters selected by the server may have a
   known structure that renders them secure against a small subgroup
   attack, but a client receiving an arbitrary p and g has no efficient
   way to verify that the structure of a new group is reasonable for
   use.




Message received at 31946 <at> debbugs.gnu.org:

Date: Tue, 26 Jun 2018 17:42:02 +0300
Message-Id: <83in65r4n9.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
In-reply-to: <m3tvppq4mx.fsf@HIDDEN> (message from Lars Ingebrigtsen on Tue,
 26 Jun 2018 11:27:34 +0200)
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <m3tvppq4mx.fsf@HIDDEN>
Cc: 31946 <at> debbugs.gnu.org, npostavs@HIDDEN, wyuenho@HIDDEN

> From: Lars Ingebrigtsen <larsi@HIDDEN>
> Date: Tue, 26 Jun 2018 11:27:34 +0200
> Cc: 31946 <at> debbugs.gnu.org, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
> 
> We could get in touch with the gnutls maintainer and ask for his input
> and perhaps ask for API endpoints to allow us to check for these things?

Yes, I think that's the right way for moving forward.




Message received at 31946 <at> debbugs.gnu.org:

Date: Tue, 26 Jun 2018 17:38:28 +0300
Message-Id: <83lgb1r4t7.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
In-reply-to: <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
 (message from Jimmy Yuen Ho Wong on Tue, 26 Jun 2018 07:26:20 +0100)
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
 <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
Cc: larsi@HIDDEN, 31946 <at> debbugs.gnu.org, npostavs@HIDDEN

> From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
> Date: Tue, 26 Jun 2018 07:26:20 +0100
> Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org
> 
> 1. Forget about defining what tests belong in what levels, there should just be one level which is the default
> set of tests, let's call this coarse grain setting.
> 2. Fine grain settings should only allow you to **add** to the default list of checks, so it will be a defcustom of
> an alist (there's prior art of this), let's call this `nsm-additional-checks`
> 3. We can predefine a bunch of check functions that users can add to `nsm-additional-checks` without having
> to write their own.

FWIW, I don't think this will fly with our users: Emacs users don't
like to be second-guessed, nor be told that "Emacs knows better".  And
even if we do go that way, Emacs is not a black box: people will soon
enough discover what we want to conceal, and will do what they want
regardless.

What we can, and probably should, do is prominently document each test
and warn against removing or weakening those which will expose users
to security vulnerabilities.




Message received at 31946 <at> debbugs.gnu.org:

From: Noam Postavsky <npostavs@HIDDEN>
To: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
 <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
Date: Tue, 26 Jun 2018 08:44:23 -0400
In-Reply-To: <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
 (Jimmy Yuen Ho Wong's message of "Tue, 26 Jun 2018 07:26:20 +0100")
Message-ID: <874lhppviw.fsf@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org

Jimmy Yuen Ho Wong <wyuenho@HIDDEN> writes:

> 4. For dh-small-subgroup and dh-composite, the only way to check this in
> LISP seems to be to supply `:min-prime-bits 2048` to
> `gnutls-boot-parameters`.

It only blocks dh-composite, not dh-small-subgroup for me.  And I think
that's just a coincidence: dh-composite.badssl.com site sends a 2047 bit
DH "prime" while dh-small-subgroup.badssl.com sends a 2048 bit DH prime.
But it's certainly possible to send a 2048 bit composite as the "prime"
which wouldn't be blocked either.  I would guess the 2047 bit
parameter was intended to be 2048, but the top bit just happened to
generate as 0.
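
The size-versus-structure point made in the reply above and in the RFC 7919 reply of 26 Jun 2018 20:45, as an added Python example that is not part of the thread and is not Emacs or GnuTLS code. It sets a size-only rule, modelled on what the thread says `:min-prime-bits 2048` does, beside the primality and safe-prime tests a client would otherwise have to run itself. All function names and sample moduli are constructed for illustration; the badssl.com parameters are not reproduced.

```python
"""Client-side checks on server-supplied DH parameters (p, g)."""

# Fixed bases keep this example deterministic. A real verifier uses random
# bases, because a composite can be crafted to fool any fixed base set.
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n):
    """Trial division by SMALL_PRIMES, then Miller-Rabin with the same bases."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def size_only_gate(p, min_bits=2048):
    """Model of a minimum-size rule: accept iff p has at least min_bits bits."""
    return p.bit_length() >= min_bits


def small_order(p, g, limit):
    """Return the multiplicative order of g mod p if it is <= limit, else None."""
    x = g % p
    for k in range(1, limit + 1):
        if x == 1:
            return k
        x = x * g % p
    return None


def audit_dh_params(p, g, min_bits=2048, order_probe=4096):
    """Return a list of finding codes; an empty list means no check failed."""
    findings = []
    if not size_only_gate(p, min_bits):
        findings.append("short-modulus")
    if not is_probable_prime(p):
        # Not a field, so the subgroup reasoning below would be meaningless.
        return findings + ["composite-modulus"]
    if not is_probable_prime((p - 1) // 2):
        # p - 1 has further unknown factors; without its factorisation the
        # client cannot show that g generates a large prime-order subgroup.
        findings.append("not-safe-prime")
    if g % p in (0, 1, p - 1) or small_order(p, g, order_probe) is not None:
        findings.append("small-order-generator")
    return findings


# Constructed sample moduli (not the values served by the badssl.com hosts).
COMPOSITE_2047 = (1 << 2046) + 1   # 2047 bits, divisible by 5
COMPOSITE_2048 = (1 << 2047) + 1   # 2048 bits, divisible by 3
SMOOTH_PRIME = (1 << 2203) - 1     # Mersenne prime; 2 has order 2203 modulo it
TOY_SAFE_PRIME = 1019              # 2 * 509 + 1, both prime; toy size only

if __name__ == "__main__":
    for name, p in [("composite, 2047 bits", COMPOSITE_2047),
                    ("composite, 2048 bits", COMPOSITE_2048),
                    ("prime, smooth p-1", SMOOTH_PRIME)]:
        print(f"{name:22} size gate: {size_only_gate(p)!s:5} "
              f"audit: {audit_dh_params(p, 2)}")
```

The structural tests cost two primality tests on a 2048-bit number per new group, and a modulus that is prime but not a safe prime still cannot be classified further, which is the case named groups avoid.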




Message received at 31946 <at> debbugs.gnu.org:

From: Lars Ingebrigtsen <larsi@HIDDEN>
To: Noam Postavsky <npostavs@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
Date: Tue, 26 Jun 2018 11:27:34 +0200
In-Reply-To: <87fu1apchn.fsf@HIDDEN> (Noam Postavsky's message of "Mon, 25
 Jun 2018 21:23:16 -0400")
Message-ID: <m3tvppq4mx.fsf@HIDDEN>
Cc: 31946 <at> debbugs.gnu.org, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>

Noam Postavsky <npostavs@HIDDEN> writes:

>>>            "https://dh-small-subgroup.badssl.com/"        ;; fail
>>>            "https://dh-composite.badssl.com/"             ;; fail
>
> So these ones seem kind of problematic, as alluded to on emacs-devel.
> It doesn't look like gnutls has an API to get or check the value of the
> DH primes (calc-prime-test bails out when given a 1024 bit prime, so we
> definitely need library support for this).

But they may not be that urgent, if I understand things correctly.  Current
Firefox, for instance, does not seem to warn about this.

We could get in touch with the gnutls maintainer and ask for his input
and perhaps ask for API endpoints to allow us to check for these things?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




Message received at 31946 <at> debbugs.gnu.org:

In-Reply-To: <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
 <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Tue, 26 Jun 2018 07:26:20 +0100
Message-ID: <CAKDRQS44d1==5PkFon3Zgujm4G2FjR9RmK27H+RF7gOJOMKzPA@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Noam Postavsky <npostavs@HIDDEN>
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org

Sorry I was confused in my last reply about modern browsers not allowing
you to accept certs. Chrome just hides that functionality really well, so
forget about my proposal earlier. (one should not reply to emails at 5 in
the morning) Here's my new proposal:

1. Forget about defining what tests belong in what levels, there should
just be one level which is the default set of tests, let's call this
coarse grain setting.
2. Fine grain settings should only allow you to **add** to the default list
of checks, so it will be a defcustom of an alist (there's prior art of
this), let's call this `nsm-additional-checks`
3. We can predefine a bunch of check functions that users can add to
`nsm-additional-checks` without having to write their own.
4. For dh-small-subgroup and dh-composite, the only way to check this in
LISP seems to be to supply `:min-prime-bits 2048` to
`gnutls-boot-parameters`. In which case GnuTLS will fail with a fatal alert
for both counts. A user will not be able to accept dh-small-subgroup and
dh-composite certs if checks for them are enabled. This is fine, as a user
is not able to accept RC4 certs via NSM now, browsers also do it this way.

On Tue, Jun 26, 2018 at 5:11 AM, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
wrote:

> `dh-composite` can be mitigated by using the "NORMAL:%PROFILE_MEDIUM"
> priority string[1], "NORMAL:%PROFILE_HIGH" [2] will pass all 26 badssl tests
> while still allowing connection to ELPA/MELPA without even supplying CRL
> files (GnuTLS already does OCSP stapling verification transparently, and
> Emacs is using it already minus surfacing `GNUTLS_CERT_MISSING_OCSP_STATUS`
> when it fails). The exact meaning of these levels appears to be spread out
> among different tables in ENISA's Algorithms, Key Sizes and Parameters
> Report - 2013 [3].
>
> As a possible way to avoid confusion, I would suggest we consolidate the 2
> different meanings of profiles (NSM and GnuTLS) into GnuTLS's. Instead of
> having users edit an alist like Lars has done in commit 6584bc67, we
> could:
>
> 1. Append `network-security-level` to `gnutls-algorithm-priority`, i.e.
> `network-security-level` will be a list of predefined symbols that will be
> mapped to GnuTLS's `%PROFILE_*` strings, and append to it when setting up
> `gnutls-boot-parameters`.
> 2. Forget about letting users decide whether they want to accept
> problematic certs or not, no modern browser does it anymore. Doing network
> security checks in 2 different places also introduces impedance mismatch.
> Specifically, GnuTLS by default disables a number of cyphers and hashes.
> The only way to stop it from generating fatal alerts is to enable
> everything GnuTLS has implemented and reinvent all the wheels in LISP (do
> you really want to reenable SSL3?). This is insane from both a security and
> performance perspective, as we don't have reliable NETSEC resources to
> respond to any security issues that we may introduce during the process.
> Even if we do, there's a larger problem of Emacs's release process.
> 3. To solve the problem of letting users fine tune the client's acceptable
> cyphersuite, MACs and whatnot for emergencies out of Emacs' release cycles,
> let's introduce a bunch of new defcustoms such as `gnutls-cyphersuite`,
> `gnutls-key-exchange` etc, see [1] for the table.
> 4. Normally, the fine tuning defcustoms in 3) will be nil, in which case
> `gnutls-algorithm-priority` takes precedence, otherwise they are combined
> into a final priority string supplied to `gnutls-boot-parameters`.
> 5. Merge nsm into the gnutls group. No more distinction between
> interactive and non-interactive sessions due to 2).
>
> References:
> [1]: https://gnutls.org/manual/html_node/Priority-Strings.html
> [2]: https://gnutls.org/manual/html_node/Selecting-cryptographic-key-sizes.html#tab_003akey_002dsizes
> [3]: https://www.enisa.europa.eu/publications/algorithms-key-sizes-and-parameters-report
>
> On Tue, Jun 26, 2018 at 2:23 AM, Noam Postavsky <npostavs@HIDDEN>
> wrote:
>
>> Lars Ingebrigtsen <larsi@HIDDEN> writes:
>>
>> > There are also more protocol stuff we should warn about on various
>> > levels.  These should be on `high':
>>
>> >>            "https://dh-small-subgroup.badssl.com/"        ;; fail
>> >>            "https://dh-composite.badssl.com/"             ;; fail
>>
>> So these ones seem kind of problematic, as alluded to on emacs-devel.
>> It doesn't look like gnutls has an API to get or check the value of the
>> DH primes (calc-prime-test bails out when given a 1024 bit prime, so we
>> definitely need library support for this).
>>
>> https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00805.html
>> https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00807.html
>>
>>
>>
>

--000000000000c62c2f056f8594ae--




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 26 Jun 2018 04:11:59 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Jun 26 00:11:59 2018
Received: from localhost ([127.0.0.1]:35527 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fXfKd-0006eA-Ul
	for submit <at> debbugs.gnu.org; Tue, 26 Jun 2018 00:11:59 -0400
Received: from mail-io0-f169.google.com ([209.85.223.169]:40996)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wyuenho@HIDDEN>) id 1fXfKX-0006do-Uz
 for 31946 <at> debbugs.gnu.org; Tue, 26 Jun 2018 00:11:53 -0400
Received: by mail-io0-f169.google.com with SMTP id k16-v6so11867765ioa.8
 for <31946 <at> debbugs.gnu.org>; Mon, 25 Jun 2018 21:11:49 -0700 (PDT)
X-Received: by 2002:a5e:9812:: with SMTP id
 s18-v6mr4970080ioj.117.1529986304261; 
 Mon, 25 Jun 2018 21:11:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:985d:0:0:0:0:0 with HTTP; Mon, 25 Jun 2018 21:11:23
 -0700 (PDT)
In-Reply-To: <87fu1apchn.fsf@HIDDEN>
References: <m3vaa9aius.fsf@HIDDEN> <87fu1apchn.fsf@HIDDEN>
From: Jimmy Yuen Ho Wong <wyuenho@HIDDEN>
Date: Tue, 26 Jun 2018 05:11:23 +0100
Message-ID: <CAKDRQS55hY+tF0jDT0wZsPJOcFxZ33m+mFVrT7duNQYp28JJMw@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
To: Noam Postavsky <npostavs@HIDDEN>
Content-Type: multipart/alternative; boundary="0000000000002d465a056f83b2bb"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: Lars Ingebrigtsen <larsi@HIDDEN>, 31946 <at> debbugs.gnu.org

--0000000000002d465a056f83b2bb
Content-Type: text/plain; charset="UTF-8"

`dh-composite` can be mitigated by using the "NORMAL:%PROFILE_MEDIUM"
priority string[1], "NORMAL:%PROFILE_HIGH" [2] will pass all 26 badssl tests
while still allowing connection to ELPA/MELPA without even supplying CRL
files (GnuTLS already does OCSP stapling verification transparently, and
Emacs is using it already minus surfacing `GNUTLS_CERT_MISSING_OCSP_STATUS`
when it fails). The exact meaning of these levels appears to be spread out
among different tables in ENISA's Algorithms, Key Sizes and Parameters
Report - 2013 [3].

As a possible way to avoid confusion, I would suggest we consolidate the 2
different meanings of profiles (NSM and GnuTLS) into GnuTLS's. Instead of
having users edit an alist like Lars has done in commit 6584bc67, we
could:

1. Append `network-security-level` to `gnutls-algorithm-priority`, i.e.
`network-security-level` will be a list of predefined symbols that will be
mapped to GnuTLS's `%PROFILE_*` strings, and append to it when setting up
`gnutls-boot-parameters`.
2. Forget about letting users decide whether they want to accept
problematic certs or not, no modern browser does it anymore. Doing network
security checks in 2 different places also introduces impedance mismatch.
Specifically, GnuTLS by default disables a number of cyphers and hashes.
The only way to stop it from generating fatal alerts is to enable
everything GnuTLS has implemented and reinvent all the wheels in LISP (do
you really want to reenable SSL3?). This is insane from both a security and
performance perspective, as we don't have reliable NETSEC resources to
respond to any security issues that we may introduce during the process.
Even if we do, there's a larger problem of Emacs's release process.
3. To solve the problem of letting users fine tune the client's acceptable
cyphersuite, MACs and whatnot for emergencies out of Emacs' release cycles,
let's introduce a bunch of new defcustoms such as `gnutls-cyphersuite`,
`gnutls-key-exchange` etc, see [1] for the table.
4. Normally, the fine tuning defcustoms in 3) will be nil, in which case
`gnutls-algorithm-priority` takes precedence, otherwise they are combined
into a final priority string supplied to `gnutls-boot-parameters`.
5. Merge nsm into the gnutls group. No more distinction between interactive
and non-interactive sessions due to 2).

References:
[1]: https://gnutls.org/manual/html_node/Priority-Strings.html
[2]: https://gnutls.org/manual/html_node/Selecting-cryptographic-key-sizes.html#tab_003akey_002dsizes
[3]: https://www.enisa.europa.eu/publications/algorithms-key-sizes-and-parameters-report

On Tue, Jun 26, 2018 at 2:23 AM, Noam Postavsky <npostavs@HIDDEN> wrote:

> Lars Ingebrigtsen <larsi@HIDDEN> writes:
>
> > There are also more protocol stuff we should warn about on various
> > levels.  These should be on `high':
>
> >>            "https://dh-small-subgroup.badssl.com/"        ;; fail
> >>            "https://dh-composite.badssl.com/"             ;; fail
>
> So these ones seem kind of problematic, as alluded to on emacs-devel.
> It doesn't look like gnutls has an API to get or check the value of the
> DH primes (calc-prime-test bails out when given a 1024 bit prime, so we
> definitely need library support for this).
>
> https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00805.html
> https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00807.html
>
>
>

--0000000000002d465a056f83b2bb--
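
Added example, not part of the original messages and not Emacs code: a sketch of points 1, 3 and 4 of the proposal in the message above, together with the `:min-prime-bits 2048` setting suggested in the follow-up. The `my-nsm-` names, the level-to-profile mapping and the refused-token list are assumptions made for illustration; `gnutls-algorithm-priority` and `gnutls-boot-parameters` are the existing Emacs names.

```elisp
;;; -*- lexical-binding: t -*-
;; Added illustration; every `my-nsm-' name is hypothetical, not part of Emacs.
(require 'gnutls)

(defconst my-nsm-level-profiles
  '((low      . "%PROFILE_LOW")
    (medium   . "%PROFILE_MEDIUM")
    (high     . "%PROFILE_HIGH")
    (paranoid . "%PROFILE_ULTRA"))
  "Assumed mapping from `network-security-level' symbols to GnuTLS profiles.")

;; Stand-ins for the proposed `gnutls-cyphersuite' and `gnutls-key-exchange'
;; defcustoms: lists of priority-string tokens, nil by default.
(defvar my-nsm-cipher-tokens nil)
(defvar my-nsm-key-exchange-tokens nil)

(defconst my-nsm-refused-tokens '("+VERS-SSL3.0" "+ARCFOUR-128")
  "Tokens this sketch refuses, so fine tuning cannot re-enable SSL3 or RC4.")

(defun my-nsm-check-token (token)
  "Return TOKEN if it is an acceptable priority-string token, else signal."
  (let ((case-fold-search nil))
    (unless (and (stringp token)
                 (string-match-p "\\`[-+!%][A-Z0-9_.-]+\\'" token))
      (error "Malformed priority token: %S" token)))
  (when (member token my-nsm-refused-tokens)
    (error "Refusing to re-enable a disabled algorithm: %s" token))
  token)

(defun my-nsm-priority-string (level)
  "Build the priority string for security LEVEL.
The base is `gnutls-algorithm-priority' (\"NORMAL\" when it is nil),
followed by the profile for LEVEL and then any fine-tuning tokens."
  (let ((profile (cdr (assq level my-nsm-level-profiles))))
    (unless profile
      (error "Unknown security level: %S" level))
    (mapconcat #'identity
               (append (list (if gnutls-algorithm-priority
                                 (upcase gnutls-algorithm-priority)
                               "NORMAL")
                             profile)
                       (mapcar #'my-nsm-check-token
                               (append my-nsm-cipher-tokens
                                       my-nsm-key-exchange-tokens)))
               ":")))

(defun my-nsm-boot-parameters (host level)
  "Return the `gnutls-boot-parameters' plist for HOST at LEVEL.
The 2048-bit DH prime floor makes GnuTLS abort the handshake itself
when the server offers a smaller prime."
  (gnutls-boot-parameters
   :type 'gnutls-x509pki
   :hostname host
   :priority-string (my-nsm-priority-string level)
   :min-prime-bits 2048))

;; Constructed sample: drop two key exchanges for an emergency, then show
;; the priority string that would be handed to GnuTLS.
(let ((my-nsm-key-exchange-tokens '("-DHE-RSA" "-RSA")))
  (message "%s" (plist-get (my-nsm-boot-parameters "example.org" 'high)
                           :priority)))
```

With both token lists left at nil the result is just the base string plus the profile, which matches the "takes precedence" case in point 4 as read here.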




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 26 Jun 2018 01:23:33 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jun 25 21:23:33 2018
Received: from localhost ([127.0.0.1]:35491 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fXchd-0002ll-LT
	for submit <at> debbugs.gnu.org; Mon, 25 Jun 2018 21:23:33 -0400
Received: from mail-io0-f169.google.com ([209.85.223.169]:37661)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <npostavs@HIDDEN>) id 1fXchX-0002lU-Nm
 for 31946 <at> debbugs.gnu.org; Mon, 25 Jun 2018 21:23:27 -0400
Received: by mail-io0-f169.google.com with SMTP id s26-v6so14363882ioj.4
 for <31946 <at> debbugs.gnu.org>; Mon, 25 Jun 2018 18:23:23 -0700 (PDT)
X-Received: by 2002:a6b:5002:: with SMTP id
 e2-v6mr12487579iob.31.1529976198244; 
 Mon, 25 Jun 2018 18:23:18 -0700 (PDT)
Received: from zebian (cbl-45-2-119-34.yyz.frontiernetworks.ca. [45.2.119.34])
 by smtp.googlemail.com with ESMTPSA id
 x6-v6sm2589783ith.1.2018.06.25.18.23.17
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 25 Jun 2018 18:23:17 -0700 (PDT)
From: Noam Postavsky <npostavs@HIDDEN>
To: Lars Ingebrigtsen <larsi@HIDDEN>
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN>
Date: Mon, 25 Jun 2018 21:23:16 -0400
In-Reply-To: <m3vaa9aius.fsf@HIDDEN> (Lars Ingebrigtsen's message of "Sat,
 23 Jun 2018 12:38:03 +0200")
Message-ID: <87fu1apchn.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946
Cc: 31946 <at> debbugs.gnu.org, Jimmy Yuen Ho Wong <wyuenho@HIDDEN>

Lars Ingebrigtsen <larsi@HIDDEN> writes:

> There are also more protocol stuff we should warn about on various
> levels.  These should be on `high':

>>            "https://dh-small-subgroup.badssl.com/"        ;; fail
>>            "https://dh-composite.badssl.com/"             ;; fail

So these ones seem kind of problematic, as alluded to on emacs-devel.
It doesn't look like gnutls has an API to get or check the value of the
DH primes (calc-prime-test bails out when given a 1024 bit prime, so we
definitely need library support for this).

https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00805.html
https://lists.gnu.org/archive/html/emacs-devel/2018-06/msg00807.html






Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at 31946 <at> debbugs.gnu.org:


Received: (at 31946) by debbugs.gnu.org; 24 Jun 2018 13:43:35 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Jun 24 09:43:35 2018
Received: from localhost ([127.0.0.1]:33738 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fX5Il-0005tV-Kl
	for submit <at> debbugs.gnu.org; Sun, 24 Jun 2018 09:43:35 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:48032)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1fX5Ik-0005tK-2d
 for 31946 <at> debbugs.gnu.org; Sun, 24 Jun 2018 09:43:34 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>) id 1fX5Ig-0006pt-A0
 for 31946 <at> debbugs.gnu.org; Sun, 24 Jun 2018 15:43:32 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: 31946 <at> debbugs.gnu.org
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
References: <m3vaa9aius.fsf@HIDDEN>
Date: Sun, 24 Jun 2018 15:43:30 +0200
In-Reply-To: <m3vaa9aius.fsf@HIDDEN> (Lars Ingebrigtsen's message of "Sat,
 23 Jun 2018 12:38:03 +0200")
Message-ID: <m3a7rkcnb1.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 31946

I've now done the refactoring bit, and the behavior should hopefully be
identical to pre-rewrite.

The next thing that should be done is to adjust the levels for most of
the checks down to `medium', and then add some more checks from the

https://badssl.com/

list.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





Information forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 23 Jun 2018 10:38:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jun 23 06:38:19 2018
Received: from localhost ([127.0.0.1]:60820 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1fWfvv-0005hA-J5
	for submit <at> debbugs.gnu.org; Sat, 23 Jun 2018 06:38:19 -0400
Received: from eggs.gnu.org ([208.118.235.92]:51260)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@HIDDEN>) id 1fWfvt-0005gu-Me
 for submit <at> debbugs.gnu.org; Sat, 23 Jun 2018 06:38:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <larsi@HIDDEN>) id 1fWfvn-0005E3-FT
 for submit <at> debbugs.gnu.org; Sat, 23 Jun 2018 06:38:12 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:47239)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <larsi@HIDDEN>) id 1fWfvn-0005Dv-BD
 for submit <at> debbugs.gnu.org; Sat, 23 Jun 2018 06:38:11 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42227)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <larsi@HIDDEN>) id 1fWfvm-0000Oi-6o
 for bug-gnu-emacs@HIDDEN; Sat, 23 Jun 2018 06:38:11 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <larsi@HIDDEN>) id 1fWfvj-0005DK-2k
 for bug-gnu-emacs@HIDDEN; Sat, 23 Jun 2018 06:38:10 -0400
Received: from hermes.netfonds.no ([80.91.224.195]:39199)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <larsi@HIDDEN>) id 1fWfvi-0005DE-QY
 for bug-gnu-emacs@HIDDEN; Sat, 23 Jun 2018 06:38:07 -0400
Received: from cm-84.212.221.165.getinternet.no ([84.212.221.165] helo=stories)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@HIDDEN>) id 1fWfvf-0001RP-HU
 for bug-gnu-emacs@HIDDEN; Sat, 23 Jun 2018 12:38:05 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 27.0.50; The NSM should warn about more TLS problems
Date: Sat, 23 Jun 2018 12:38:03 +0200
Message-ID: <m3vaa9aius.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: base64
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit

Acknowledgement sent to Lars Ingebrigtsen <larsi@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to bug-gnu-emacs@HIDDEN:
bug#31946; Package emacs. Full text available.
Last modified: Sun, 22 Jul 2018 11:15:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.