Make more TLS checks trigger on the default `medium' level

* doc/emacs/misc.texi (Network Security): Update the doc to say what's on the different levels. * lisp/net/nsm.el (nsm-protocol-check--intermediary-sha1): Check intermediary certificates for SHA1. (nsm-protocol-check--3des): Check for 3DES ciphers. (network-security-protocol-checks): Put most of the checks on `medium'.
author: Lars Ingebrigtsen 2018-06-24 22:57:27 +0200
committer: Lars Ingebrigtsen 2018-06-24 22:57:27 +0200
commit: 5a285a4db97d88cfd7a2320e33542a0afe695665 (patch)
tree: 11de5284a3d79f070db4ab797b995ae74a737448 /doc
parent: fea8c7d181babe6de7daedfef07b291f8dda2322 (diff)
download: emacs-5a285a4db97d88cfd7a2320e33542a0afe695665.tar.gz
emacs-5a285a4db97d88cfd7a2320e33542a0afe695665.zip
1 files changed, 24 insertions, 13 deletions
diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi
index 177cc8fa469..78f28ccfad9 100644
--- a/doc/emacs/misc.texi
+++ b/doc/emacs/misc.texi
@@ -352,19 +352,6 @@ over these connections.  Similarly, if you're sending email via
 connection to be encrypted.  If the connection isn't encrypted,
 @acronym{NSM} will warn you.
-@end table
-If @code{network-security-level} is @code{high}, the following checks
-will be made, in addition to the above:
-@table @asis
-@item a validated certificate changes the public key
-Servers change their keys occasionally, and that is normally nothing
-to be concerned about.  However, if you are worried that your network
-connections are being hijacked by agencies who have access to pliable
-Certificate Authorities which issue new certificates for third-party
-services, you may want to keep track of these changes.
 @item Diffie-Hellman low prime bits
 When doing the public key exchange, the number of prime bits
 should be high to ensure that the channel can't be eavesdropped on by
@@ -374,10 +361,34 @@ third parties.  If this number is too low, you will be warned.
 The @acronym{RC4} stream cipher is believed to be of low quality and
 may allow eavesdropping by third parties.
+@item @acronym{SHA1} in the host certificate or in intermediary certificates
+It is believed that if an intermediary certificate uses
+the @acronym{SHA1} hashing algorithm, then third parties can issue
+certificates pretending to be that issuing instance.  These
+connections are therefore vulnerable to man-in-the-middle attacks.
 @item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3}
 The protocols older than @acronym{TLS1.0} are believed to be
 vulnerable to a variety of attacks, and you may want to avoid using
 these if what you're doing requires higher security.
+@end table
+If @code{network-security-level} is @code{high}, the following checks
+will be made, in addition to the above:
+@table @asis
+@item @acronym{3DES} cipther
+The @acronym{RC4} stream cipher is believed by some to be of low
+quality and may allow eavesdropping by third parties.
+@item a validated certificate changes the public key
+Servers change their keys occasionally, and that is normally nothing
+to be concerned about.  However, if you are worried that your network
+connections are being hijacked by agencies who have access to pliable
+Certificate Authorities which issue new certificates for third-party
+services, you may want to keep track of these changes.
 @end table
 Finally, if @code{network-security-level} is @code{paranoid}, you will
author	Lars Ingebrigtsen	2018-06-24 22:57:27 +0200
committer	Lars Ingebrigtsen	2018-06-24 22:57:27 +0200
commit	5a285a4db97d88cfd7a2320e33542a0afe695665 (patch)
tree	11de5284a3d79f070db4ab797b995ae74a737448 /doc
parent	fea8c7d181babe6de7daedfef07b291f8dda2322 (diff)
download	emacs-5a285a4db97d88cfd7a2320e33542a0afe695665.tar.gz emacs-5a285a4db97d88cfd7a2320e33542a0afe695665.zip

diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi index 177cc8fa469..78f28ccfad9 100644 --- a/doc/emacs/misc.texi +++ b/doc/emacs/misc.texi
@@ -352,19 +352,6 @@ over these connections. Similarly, if you're sending email via
352	connection to be encrypted. If the connection isn't encrypted,	352	connection to be encrypted. If the connection isn't encrypted,
353	@acronym{NSM} will warn you.	353	@acronym{NSM} will warn you.
354		354
355	@end table
356
357	If @code{network-security-level} is @code{high}, the following checks
358	will be made, in addition to the above:
359
360	@table @asis
361	@item a validated certificate changes the public key
362	Servers change their keys occasionally, and that is normally nothing
363	to be concerned about. However, if you are worried that your network
364	connections are being hijacked by agencies who have access to pliable
365	Certificate Authorities which issue new certificates for third-party
366	services, you may want to keep track of these changes.
367
368	@item Diffie-Hellman low prime bits	355	@item Diffie-Hellman low prime bits
369	When doing the public key exchange, the number of prime bits	356	When doing the public key exchange, the number of prime bits
370	should be high to ensure that the channel can't be eavesdropped on by	357	should be high to ensure that the channel can't be eavesdropped on by
@@ -374,10 +361,34 @@ third parties. If this number is too low, you will be warned.
374	The @acronym{RC4} stream cipher is believed to be of low quality and	361	The @acronym{RC4} stream cipher is believed to be of low quality and
375	may allow eavesdropping by third parties.	362	may allow eavesdropping by third parties.
376		363
		364	@item @acronym{SHA1} in the host certificate or in intermediary certificates
		365	It is believed that if an intermediary certificate uses
		366	the @acronym{SHA1} hashing algorithm, then third parties can issue
		367	certificates pretending to be that issuing instance. These
		368	connections are therefore vulnerable to man-in-the-middle attacks.
		369
377	@item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3}	370	@item @acronym{SSL1}, @acronym{SSL2} and @acronym{SSL3}
378	The protocols older than @acronym{TLS1.0} are believed to be	371	The protocols older than @acronym{TLS1.0} are believed to be
379	vulnerable to a variety of attacks, and you may want to avoid using	372	vulnerable to a variety of attacks, and you may want to avoid using
380	these if what you're doing requires higher security.	373	these if what you're doing requires higher security.
		374
		375	@end table
		376
		377	If @code{network-security-level} is @code{high}, the following checks
		378	will be made, in addition to the above:
		379
		380	@table @asis
		381	@item @acronym{3DES} cipther
		382	The @acronym{RC4} stream cipher is believed by some to be of low
		383	quality and may allow eavesdropping by third parties.
		384
		385	@item a validated certificate changes the public key
		386	Servers change their keys occasionally, and that is normally nothing
		387	to be concerned about. However, if you are worried that your network
		388	connections are being hijacked by agencies who have access to pliable
		389	Certificate Authorities which issue new certificates for third-party
		390	services, you may want to keep track of these changes.
		391
381	@end table	392	@end table
382		393
383	Finally, if @code{network-security-level} is @code{paranoid}, you will	394	Finally, if @code{network-security-level} is @code{paranoid}, you will