diff options
| author | Lars Ingebrigtsen | 2018-07-08 13:40:37 +0200 |
|---|---|---|
| committer | Lars Ingebrigtsen | 2018-07-08 13:40:37 +0200 |
| commit | 1dc4d0909349121699bf5c623004c0edb481e9b6 (patch) | |
| tree | b37d6eb1f39adc6482592b31908bb41f86600869 /doc | |
| parent | f9649f0e147815ddd78073c52cd0e2ad9f33c4e4 (diff) | |
| download | emacs-1dc4d0909349121699bf5c623004c0edb481e9b6.tar.gz emacs-1dc4d0909349121699bf5c623004c0edb481e9b6.zip | |
Document network-security-protocol-checks better
* doc/emacs/misc.texi (Network Security): Rearrange the
network-security-protocol-checks documentation and try to explain
more what this all means and what checks are triggered.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/emacs/misc.texi | 57 |
1 files changed, 35 insertions, 22 deletions
diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi index 692f1fd6504..96651381962 100644 --- a/doc/emacs/misc.texi +++ b/doc/emacs/misc.texi | |||
| @@ -314,6 +314,26 @@ You can decide to register a permanent security exception for an | |||
| 314 | unverified connection, a temporary exception, or refuse the connection | 314 | unverified connection, a temporary exception, or refuse the connection |
| 315 | entirely. | 315 | entirely. |
| 316 | 316 | ||
| 317 | @vindex network-security-protocol-checks | ||
| 318 | In addition to the basic certificate corrections checks, | ||
| 319 | several @acronym{TLS} algorithm checks are available. Some encryption | ||
| 320 | technologies that were previously thought to be secure have shown | ||
| 321 | themselves to be fragile, and Emacs will (by default) warn the users | ||
| 322 | about some of these problems. | ||
| 323 | |||
| 324 | The protocol network checks is controlled via the | ||
| 325 | @code{network-security-protocol-checks} variable. | ||
| 326 | |||
| 327 | It's an alist where the first element is the name of the check, | ||
| 328 | the second is the security level where the check kicks in, and the | ||
| 329 | optional third element is a parameter supplied to the check. | ||
| 330 | |||
| 331 | An element like @code{(rc4 medium)} will result in the function | ||
| 332 | @code{nsm-protocol-check--rc4} being called like thus: | ||
| 333 | @code{(nsm-protocol-check--rc4 host port status optional-parameter)}. | ||
| 334 | The function should return non-@code{nil} if the connection should | ||
| 335 | proceed and @code{nil} otherwise. | ||
| 336 | |||
| 317 | Below is a list of the checks done on the @code{medium} level. | 337 | Below is a list of the checks done on the @code{medium} level. |
| 318 | 338 | ||
| 319 | @table @asis | 339 | @table @asis |
| @@ -353,24 +373,30 @@ connection to be encrypted. If the connection isn't encrypted, | |||
| 353 | @acronym{NSM} will warn you. | 373 | @acronym{NSM} will warn you. |
| 354 | 374 | ||
| 355 | @item Diffie-Hellman low prime bits | 375 | @item Diffie-Hellman low prime bits |
| 356 | When doing the public key exchange, the number of prime bits | 376 | When doing the public key exchange, the number of prime bits should be |
| 357 | should be high to ensure that the channel can't be eavesdropped on by | 377 | high to ensure that the channel can't be eavesdropped on by third |
| 358 | third parties. If this number is too low, you will be warned. | 378 | parties. If this number is too low, you will be warned. (This is the |
| 379 | @code{diffie-hellman-prime-bits} check in | ||
| 380 | @code{network-security-protocol-checks}). | ||
| 359 | 381 | ||
| 360 | @item @acronym{RC4} stream cipher | 382 | @item @acronym{RC4} stream cipher |
| 361 | The @acronym{RC4} stream cipher is believed to be of low quality and | 383 | The @acronym{RC4} stream cipher is believed to be of low quality and |
| 362 | may allow eavesdropping by third parties. | 384 | may allow eavesdropping by third parties. (This is the @code{rc4} |
| 385 | check in @code{network-security-protocol-checks}). | ||
| 363 | 386 | ||
| 364 | @item @acronym{SHA1} in the host certificate or in intermediate certificates | 387 | @item @acronym{SHA1} in the host certificate or in intermediate certificates |
| 365 | It is believed that if an intermediate certificate uses | 388 | It is believed that if an intermediate certificate uses the |
| 366 | the @acronym{SHA1} hashing algorithm, then third parties can issue | 389 | @acronym{SHA1} hashing algorithm, then third parties can issue |
| 367 | certificates pretending to be that issuing instance. These | 390 | certificates pretending to be that issuing instance. These |
| 368 | connections are therefore vulnerable to man-in-the-middle attacks. | 391 | connections are therefore vulnerable to man-in-the-middle attacks. |
| 392 | (These are the @code{signature-sha1} and @code{intermediate-sha1} | ||
| 393 | checks in @code{network-security-protocol-checks}). | ||
| 369 | 394 | ||
| 370 | @item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3} | 395 | @item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3} |
| 371 | The protocols older than @acronym{TLS1.0} are believed to be | 396 | The protocols older than @acronym{TLS1.0} are believed to be |
| 372 | vulnerable to a variety of attacks, and you may want to avoid using | 397 | vulnerable to a variety of attacks, and you may want to avoid using |
| 373 | these if what you're doing requires higher security. | 398 | these if what you're doing requires higher security. (This is the |
| 399 | @code{ssl} check in @code{network-security-protocol-checks}). | ||
| 374 | 400 | ||
| 375 | @end table | 401 | @end table |
| 376 | 402 | ||
| @@ -381,6 +407,8 @@ will be made, in addition to the above: | |||
| 381 | @item @acronym{3DES} cipher | 407 | @item @acronym{3DES} cipher |
| 382 | The @acronym{3DES} stream cipher provides at most 112 bits of | 408 | The @acronym{3DES} stream cipher provides at most 112 bits of |
| 383 | effective security, which is considered to be towards the low end. | 409 | effective security, which is considered to be towards the low end. |
| 410 | (This is the @code{3des} check in | ||
| 411 | @code{network-security-protocol-checks}). | ||
| 384 | 412 | ||
| 385 | @item a validated certificate changes the public key | 413 | @item a validated certificate changes the public key |
| 386 | Servers change their keys occasionally, and that is normally nothing | 414 | Servers change their keys occasionally, and that is normally nothing |
| @@ -414,21 +442,6 @@ servers the user has connected to. If this variable is @code{t}, | |||
| 414 | @acronym{NSM} will also save host names in the | 442 | @acronym{NSM} will also save host names in the |
| 415 | @code{nsm-settings-file}. | 443 | @code{nsm-settings-file}. |
| 416 | 444 | ||
| 417 | @item network-security-protocol-checks | ||
| 418 | @vindex network-security-protocol-checks | ||
| 419 | The protocol network checks (mostly for @acronym{TLS} weaknesses) is | ||
| 420 | controlled via the @code{network-security-protocol-checks} variable. | ||
| 421 | |||
| 422 | It's an alist where the first element is the name of the check, | ||
| 423 | the second is the security level where the check kicks in, and the | ||
| 424 | optional third element is a parameter supplied to the check. | ||
| 425 | |||
| 426 | An element like @code{(rc4 medium)} will result in the function | ||
| 427 | @code{nsm-protocol-check--rc4} being called like thus: | ||
| 428 | @code{(nsm-protocol-check--rc4 host port status optional-parameter)}. | ||
| 429 | The function should return non-@code{nil} if the connection should | ||
| 430 | proceed and @code{nil} otherwise. | ||
| 431 | |||
| 432 | @end table | 445 | @end table |
| 433 | 446 | ||
| 434 | 447 | ||