8 files changed, 119 insertions, 104 deletions
diff --git a/doc/emacs/ChangeLog b/doc/emacs/ChangeLog
index aa9804fa94c..198de4f2636 100644
--- a/doc/emacs/ChangeLog
+++ b/doc/emacs/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-24  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+        * misc.texi (Gnus Summary Buffer): Move the Network Security
+        Manager stuff here from the lispref manual.
 2014-11-21  Eli Zaretskii  <eliz@gnu.org>
        * maintaining.texi (Version Control Systems): Move "@end itemize"
diff --git a/doc/emacs/emacs.texi b/doc/emacs/emacs.texi
index 702aa64bc25..66b10145e06 100644
--- a/doc/emacs/emacs.texi
+++ b/doc/emacs/emacs.texi
@@ -189,6 +189,7 @@ Advanced Features
 * Sending Mail::        Sending mail in Emacs.
 * Rmail::               Reading mail in Emacs.
 * Gnus::                A flexible mail and news reader.
+* Network Security::    Managing the network security.
 * Document View::       Viewing PDF, PS and DVI files.
 * EWW::                 A web browser in Emacs.
 * Shell::               Executing shell commands from Emacs.
diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi
index af5ced77b52..2295414aa55 100644
--- a/doc/emacs/misc.texi
+++ b/doc/emacs/misc.texi
@@ -249,6 +249,109 @@ Search forward for articles containing a match for @var{regexp}.
 Exit the summary buffer and return to the group buffer.
 @end table
+@node Network Security
+@section Network Security
+@cindex Network Security Manager
+@cindex encryption
+@cindex SSL
+@cindex TLS
+@cindex STARTTLS
+After establishing a network connection, the connection is then passed
+on to the Network Security Manager (@acronym{NSM}).
+@vindex network-security-level
+The @code{network-security-level} variable determines the security
+level.  If this is @code{low}, no security checks are performed.
+If this variable is @code{medium} (which is the default), a number of
+checks will be performed.  If the @acronym{NSM} determines that the
+network connection might be unsafe, the user is made aware of this,
+and the @acronym{NSM} will ask the user what to do about the network
+connection.
+The user is given the choice of registering a permanent security
+exception, a temporary one, or whether to refuse the connection
+entirely.
+Below is a list of the checks done on the @code{medium} level.
+@table @asis
+@item unable to verify a @acronym{TLS} certificate
+If the connection is a @acronym{TLS}, @acronym{SSL} or
+@acronym{STARTTLS} connection, the @acronym{NSM} will check whether
+the certificate used to establish the identity of the server we're
+connecting to can be verified.
+While an invalid certificate is often the cause for concern (there may
+be a Man-in-the-Middle hijacking your network connection and stealing
+your password), there may be valid reasons for going ahead with the
+connection anyway.
+For instance, the server may be using a self-signed certificate, or
+the certificate may have expired.  It's up to the user to determine
+whether it's acceptable to continue the connection.
+@item a self-signed certificate has changed
+If you've previously accepted a self-signed certificate, but it has
+now changed, that either means that the server has just changed the
+certificate, or this might mean that the network connection has been
+hijacked.
+@item previously encrypted connection now unencrypted
+If the connection is unencrypted, but it was encrypted in previous
+sessions, this might mean that there is a proxy between you and the
+server that strips away @acronym{STARTTLS} announcements, leaving the
+connection unencrypted.  This is usually very suspicious.
+@item talking to an unencrypted service when sending a password
+When connecting to an @acronym{IMAP} or @acronym{POP3} server, these
+should usually be encrypted, because it's common to send passwords
+over these connections.  Similarly, if you're sending email via
+@acronym{SMTP} that requires a password, you usually want that
+connection to be encrypted.  If the connection isn't encrypted, the
+@acronym{NSM} will warn you.
+@end table
+If @code{network-security-level} is @code{high}, the following checks
+will be made:
+@table @asis
+@item a validated certificate changes the public key
+Servers change their keys occasionally, and that is normally nothing
+to be concerned about.  However, if you are worried that your network
+connections are being hijacked by agencies who have access to pliable
+Certificate Authorities that issue new certificates for third-party
+services, you may want to keep track of these changes.
+@end table
+Finally, if @code{network-security-level} is @code{paranoid}, you will
+also be notified the first time the @acronym{NSM} sees any new
+certificate.  This will allow you to inspect all the certificates from
+all the connections that Emacs makes.
+The following additional variables can be used to control
+@acronym{NSM} details.
+@table @code
+@item nsm-settings-file
+@vindex nsm-settings-file
+The @acronym{NSM} stores details on the connections in this file.  It
+defaults to @file{~/.emacs.d/network-security.data}.
+@item nsm-save-host-names
+@vindex nsm-save-host-names
+By default, host names will not be saved per non-@code{STARTTLS}
+connection.  Instead a host/port hash is used to identify connections.
+This means that one can't casually read the settings file to see what
+servers the user has connected to.  If this variable is @code{t}, host
+names will be saved in the file, too.
+@end table
 @node Document View
 @section Document Viewing
 @cindex DVI file
diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog
index 57c5c65a96a..b0da266d53a 100644
--- a/doc/lispref/ChangeLog
+++ b/doc/lispref/ChangeLog
@@ -3,6 +3,8 @@
        * processes.texi (Network Security): Made into its own section and
        fleshed out.
        (Network Security): Mention more NSM variables.
+        (Processes): Moved the Network Security Manager stuff to the Emacs
+        manual.
 2014-11-23  Lars Magne Ingebrigtsen  <larsi@gnus.org>
diff --git a/doc/lispref/elisp.texi b/doc/lispref/elisp.texi
index 754140e587c..fa665da34a4 100644
--- a/doc/lispref/elisp.texi
+++ b/doc/lispref/elisp.texi
@@ -1299,7 +1299,6 @@ Processes
 * System Processes::        Accessing other processes running on your system.
 * Transaction Queues::      Transaction-based communication with subprocesses.
 * Network::                 Opening network connections.
-* Network Security::        Managing the network security.
 * Network Servers::         Network servers let Emacs accept net connections.
 * Datagrams::               UDP network connections.
 * Low-Level Network::       Lower-level but more general function
diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi
index c93288f2028..0952cc15f03 100644
--- a/doc/lispref/processes.texi
+++ b/doc/lispref/processes.texi
@@ -52,7 +52,6 @@ Processes}.
 * System Processes::         Accessing other processes running on your system.
 * Transaction Queues::       Transaction-based communication with subprocesses.
 * Network::                  Opening network connections.
-* Network Security::         Managing the network security.
 * Network Servers::          Network servers let Emacs accept net connections.
 * Datagrams::                UDP network connections.
 * Low-Level Network::        Lower-level but more general function
@@ -2074,108 +2073,6 @@ The connection type: @samp{plain} or @samp{tls}.
 @end defun
-@node Network Security
-@section Network Security
-@cindex Network Security Manager
-@cindex encryption
-@cindex SSL
-@cindex TLS
-@cindex STARTTLS
-After establishing a network connection, the connection is then passed
-on to the Network Security Manager (@acronym{NSM}).
-@vindex network-security-level
-The @code{network-security-level} variable determines the security
-level.  If this is @code{low}, no security checks are performed.
-If this variable is @code{medium} (which is the default), a number of
-checks will be performed.  If the @acronym{NSM} determines that the
-network connection might be unsafe, the user is made aware of this,
-and the @acronym{NSM} will ask the user what to do about the network
-connection.
-The user is given the choice of registering a permanent security
-exception, a temporary one, or whether to refuse the connection
-entirely.
-Below is a list of the checks done on the @code{medium} level.
-@table @asis
-@item unable to verify a @acronym{TLS} certificate
-If the connection is a @acronym{TLS}, @acronym{SSL} or
-@acronym{STARTTLS} connection, the @acronym{NSM} will check whether
-the certificate used to establish the identity of the server we're
-connecting to can be verified.
-While an invalid certificate is often the cause for concern (there may
-be a Man-in-the-Middle hijacking your network connection and stealing
-your password), there may be valid reasons for going ahead with the
-connection anyway.
-For instance, the server may be using a self-signed certificate, or
-the certificate may have expired.  It's up to the user to determine
-whether it's acceptable to continue the connection.
-@item a self-signed certificate has changed
-If you've previously accepted a self-signed certificate, but it has
-now changed, that either means that the server has just changed the
-certificate, or this might mean that the network connection has been
-hijacked.
-@item previously encrypted connection now unencrypted
-If the connection is unencrypted, but it was encrypted in previous
-sessions, this might mean that there is a proxy between you and the
-server that strips away @acronym{STARTTLS} announcements, leaving the
-connection unencrypted.  This is usually very suspicious.
-@item talking to an unencrypted service when sending a password
-When connecting to an @acronym{IMAP} or @acronym{POP3} server, these
-should usually be encrypted, because it's common to send passwords
-over these connections.  Similarly, if you're sending email via
-@acronym{SMTP} that requires a password, you usually want that
-connection to be encrypted.  If the connection isn't encrypted, the
-@acronym{NSM} will warn you.
-@end table
-If @code{network-security-level} is @code{high}, the following checks
-will be made:
-@table @asis
-@item a validated certificate changes the public key
-Servers change their keys occasionally, and that is normally nothing
-to be concerned about.  However, if you are worried that your network
-connections are being hijacked by agencies who have access to pliable
-Certificate Authorities that issue new certificates for third-party
-services, you may want to keep track of these changes.
-@end table
-Finally, if @code{network-security-level} is @code{paranoid}, you will
-also be notified the first time the @acronym{NSM} sees any new
-certificate.  This will allow you to inspect all the certificates from
-all the connections that Emacs makes.
-The following additional variables can be used to control
-@acronym{NSM} details.
-@table @code
-@item nsm-settings-file
-@vindex nsm-settings-file
-The @acronym{NSM} stores details on the connections in this file.  It
-defaults to @file{~/.emacs.d/network-security.data}.
-@item nsm-save-host-names
-@vindex nsm-save-host-names
-By default, host names will not be saved per non-@code{STARTTLS}
-connection.  Instead a host/port hash is used to identify connections.
-This means that one can't casually read the settings file to see what
-servers the user has connected to.  If this variable is @code{t}, host
-names will be saved in the file, too.
-@end table
 @node Network Servers
 @section Network Servers
 @cindex network servers
diff --git a/etc/ChangeLog b/etc/ChangeLog
index 867e4f5f09c..5d616129ad0 100644
--- a/etc/ChangeLog
+++ b/etc/ChangeLog
@@ -1,3 +1,7 @@
+2014-11-24  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+        * NEWS: Mention NSM.
 2014-11-23  Lars Magne Ingebrigtsen  <larsi@gnus.org>
        * NEWS: Mention `url-request-noninteractive'.
diff --git a/etc/NEWS b/etc/NEWS
index da2edb66e42..6cad6a37c1b 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -49,6 +49,10 @@ Use './configure PKG_CONFIG=/full/name/of/pkg-config' if you need to.
 * Changes in Emacs 25.1
+** Network security (TLS/SSL certificate validity and the like) is
+added via the new Network Security Manager (NSM) and controlled via
+the `network-security-level' variable.
 ** C-h l now also lists the commands that were run.
 ** The new M-s M-w key binding uses eww to search the web for the

diff --git a/doc/emacs/ChangeLog b/doc/emacs/ChangeLog index aa9804fa94c..198de4f2636 100644 --- a/doc/emacs/ChangeLog +++ b/doc/emacs/ChangeLog
@@ -1,3 +1,8 @@
		1	2014-11-24 Lars Magne Ingebrigtsen <larsi@gnus.org>
		2
		3	* misc.texi (Gnus Summary Buffer): Move the Network Security
		4	Manager stuff here from the lispref manual.
		5
1	2014-11-21 Eli Zaretskii <eliz@gnu.org>	6	2014-11-21 Eli Zaretskii <eliz@gnu.org>
2		7
3	* maintaining.texi (Version Control Systems): Move "@end itemize"	8	* maintaining.texi (Version Control Systems): Move "@end itemize"


diff --git a/doc/emacs/emacs.texi b/doc/emacs/emacs.texi index 702aa64bc25..66b10145e06 100644 --- a/doc/emacs/emacs.texi +++ b/doc/emacs/emacs.texi
@@ -189,6 +189,7 @@ Advanced Features
189	* Sending Mail:: Sending mail in Emacs.	189	* Sending Mail:: Sending mail in Emacs.
190	* Rmail:: Reading mail in Emacs.	190	* Rmail:: Reading mail in Emacs.
191	* Gnus:: A flexible mail and news reader.	191	* Gnus:: A flexible mail and news reader.
		192	* Network Security:: Managing the network security.
192	* Document View:: Viewing PDF, PS and DVI files.	193	* Document View:: Viewing PDF, PS and DVI files.
193	* EWW:: A web browser in Emacs.	194	* EWW:: A web browser in Emacs.
194	* Shell:: Executing shell commands from Emacs.	195	* Shell:: Executing shell commands from Emacs.


diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi index af5ced77b52..2295414aa55 100644 --- a/doc/emacs/misc.texi +++ b/doc/emacs/misc.texi
@@ -249,6 +249,109 @@ Search forward for articles containing a match for @var{regexp}.
249	Exit the summary buffer and return to the group buffer.	249	Exit the summary buffer and return to the group buffer.
250	@end table	250	@end table
251		251
		252
		253	@node Network Security
		254	@section Network Security
		255	@cindex Network Security Manager
		256	@cindex encryption
		257	@cindex SSL
		258	@cindex TLS
		259	@cindex STARTTLS
		260
		261	After establishing a network connection, the connection is then passed
		262	on to the Network Security Manager (@acronym{NSM}).
		263
		264	@vindex network-security-level
		265	The @code{network-security-level} variable determines the security
		266	level. If this is @code{low}, no security checks are performed.
		267
		268	If this variable is @code{medium} (which is the default), a number of
		269	checks will be performed. If the @acronym{NSM} determines that the
		270	network connection might be unsafe, the user is made aware of this,
		271	and the @acronym{NSM} will ask the user what to do about the network
		272	connection.
		273
		274	The user is given the choice of registering a permanent security
		275	exception, a temporary one, or whether to refuse the connection
		276	entirely.
		277
		278	Below is a list of the checks done on the @code{medium} level.
		279
		280	@table @asis
		281
		282	@item unable to verify a @acronym{TLS} certificate
		283	If the connection is a @acronym{TLS}, @acronym{SSL} or
		284	@acronym{STARTTLS} connection, the @acronym{NSM} will check whether
		285	the certificate used to establish the identity of the server we're
		286	connecting to can be verified.
		287
		288	While an invalid certificate is often the cause for concern (there may
		289	be a Man-in-the-Middle hijacking your network connection and stealing
		290	your password), there may be valid reasons for going ahead with the
		291	connection anyway.
		292
		293	For instance, the server may be using a self-signed certificate, or
		294	the certificate may have expired. It's up to the user to determine
		295	whether it's acceptable to continue the connection.
		296
		297	@item a self-signed certificate has changed
		298	If you've previously accepted a self-signed certificate, but it has
		299	now changed, that either means that the server has just changed the
		300	certificate, or this might mean that the network connection has been
		301	hijacked.
		302
		303	@item previously encrypted connection now unencrypted
		304	If the connection is unencrypted, but it was encrypted in previous
		305	sessions, this might mean that there is a proxy between you and the
		306	server that strips away @acronym{STARTTLS} announcements, leaving the
		307	connection unencrypted. This is usually very suspicious.
		308
		309	@item talking to an unencrypted service when sending a password
		310	When connecting to an @acronym{IMAP} or @acronym{POP3} server, these
		311	should usually be encrypted, because it's common to send passwords
		312	over these connections. Similarly, if you're sending email via
		313	@acronym{SMTP} that requires a password, you usually want that
		314	connection to be encrypted. If the connection isn't encrypted, the
		315	@acronym{NSM} will warn you.
		316
		317	@end table
		318
		319	If @code{network-security-level} is @code{high}, the following checks
		320	will be made:
		321
		322	@table @asis
		323	@item a validated certificate changes the public key
		324	Servers change their keys occasionally, and that is normally nothing
		325	to be concerned about. However, if you are worried that your network
		326	connections are being hijacked by agencies who have access to pliable
		327	Certificate Authorities that issue new certificates for third-party
		328	services, you may want to keep track of these changes.
		329	@end table
		330
		331	Finally, if @code{network-security-level} is @code{paranoid}, you will
		332	also be notified the first time the @acronym{NSM} sees any new
		333	certificate. This will allow you to inspect all the certificates from
		334	all the connections that Emacs makes.
		335
		336	The following additional variables can be used to control
		337	@acronym{NSM} details.
		338
		339	@table @code
		340	@item nsm-settings-file
		341	@vindex nsm-settings-file
		342	The @acronym{NSM} stores details on the connections in this file. It
		343	defaults to @file{~/.emacs.d/network-security.data}.
		344
		345	@item nsm-save-host-names
		346	@vindex nsm-save-host-names
		347	By default, host names will not be saved per non-@code{STARTTLS}
		348	connection. Instead a host/port hash is used to identify connections.
		349	This means that one can't casually read the settings file to see what
		350	servers the user has connected to. If this variable is @code{t}, host
		351	names will be saved in the file, too.
		352	@end table
		353
		354
252	@node Document View	355	@node Document View
253	@section Document Viewing	356	@section Document Viewing
254	@cindex DVI file	357	@cindex DVI file


diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog index 57c5c65a96a..b0da266d53a 100644 --- a/doc/lispref/ChangeLog +++ b/doc/lispref/ChangeLog
@@ -3,6 +3,8 @@
3	* processes.texi (Network Security): Made into its own section and	3	* processes.texi (Network Security): Made into its own section and
4	fleshed out.	4	fleshed out.
5	(Network Security): Mention more NSM variables.	5	(Network Security): Mention more NSM variables.
		6	(Processes): Moved the Network Security Manager stuff to the Emacs
		7	manual.
6		8
7	2014-11-23 Lars Magne Ingebrigtsen <larsi@gnus.org>	9	2014-11-23 Lars Magne Ingebrigtsen <larsi@gnus.org>
8		10


diff --git a/doc/lispref/elisp.texi b/doc/lispref/elisp.texi index 754140e587c..fa665da34a4 100644 --- a/doc/lispref/elisp.texi +++ b/doc/lispref/elisp.texi
@@ -1299,7 +1299,6 @@ Processes
1299	* System Processes:: Accessing other processes running on your system.	1299	* System Processes:: Accessing other processes running on your system.
1300	* Transaction Queues:: Transaction-based communication with subprocesses.	1300	* Transaction Queues:: Transaction-based communication with subprocesses.
1301	* Network:: Opening network connections.	1301	* Network:: Opening network connections.
1302	* Network Security:: Managing the network security.
1303	* Network Servers:: Network servers let Emacs accept net connections.	1302	* Network Servers:: Network servers let Emacs accept net connections.
1304	* Datagrams:: UDP network connections.	1303	* Datagrams:: UDP network connections.
1305	* Low-Level Network:: Lower-level but more general function	1304	* Low-Level Network:: Lower-level but more general function


diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi index c93288f2028..0952cc15f03 100644 --- a/doc/lispref/processes.texi +++ b/doc/lispref/processes.texi
@@ -52,7 +52,6 @@ Processes}.
52	* System Processes:: Accessing other processes running on your system.	52	* System Processes:: Accessing other processes running on your system.
53	* Transaction Queues:: Transaction-based communication with subprocesses.	53	* Transaction Queues:: Transaction-based communication with subprocesses.
54	* Network:: Opening network connections.	54	* Network:: Opening network connections.
55	* Network Security:: Managing the network security.
56	* Network Servers:: Network servers let Emacs accept net connections.	55	* Network Servers:: Network servers let Emacs accept net connections.
57	* Datagrams:: UDP network connections.	56	* Datagrams:: UDP network connections.
58	* Low-Level Network:: Lower-level but more general function	57	* Low-Level Network:: Lower-level but more general function
@@ -2074,108 +2073,6 @@ The connection type: @samp{plain} or @samp{tls}.
2074	@end defun	2073	@end defun
2075		2074
2076		2075
2077	@node Network Security
2078	@section Network Security
2079	@cindex Network Security Manager
2080	@cindex encryption
2081	@cindex SSL
2082	@cindex TLS
2083	@cindex STARTTLS
2084
2085	After establishing a network connection, the connection is then passed
2086	on to the Network Security Manager (@acronym{NSM}).
2087
2088	@vindex network-security-level
2089	The @code{network-security-level} variable determines the security
2090	level. If this is @code{low}, no security checks are performed.
2091
2092	If this variable is @code{medium} (which is the default), a number of
2093	checks will be performed. If the @acronym{NSM} determines that the
2094	network connection might be unsafe, the user is made aware of this,
2095	and the @acronym{NSM} will ask the user what to do about the network
2096	connection.
2097
2098	The user is given the choice of registering a permanent security
2099	exception, a temporary one, or whether to refuse the connection
2100	entirely.
2101
2102	Below is a list of the checks done on the @code{medium} level.
2103
2104	@table @asis
2105
2106	@item unable to verify a @acronym{TLS} certificate
2107	If the connection is a @acronym{TLS}, @acronym{SSL} or
2108	@acronym{STARTTLS} connection, the @acronym{NSM} will check whether
2109	the certificate used to establish the identity of the server we're
2110	connecting to can be verified.
2111
2112	While an invalid certificate is often the cause for concern (there may
2113	be a Man-in-the-Middle hijacking your network connection and stealing
2114	your password), there may be valid reasons for going ahead with the
2115	connection anyway.
2116
2117	For instance, the server may be using a self-signed certificate, or
2118	the certificate may have expired. It's up to the user to determine
2119	whether it's acceptable to continue the connection.
2120
2121	@item a self-signed certificate has changed
2122	If you've previously accepted a self-signed certificate, but it has
2123	now changed, that either means that the server has just changed the
2124	certificate, or this might mean that the network connection has been
2125	hijacked.
2126
2127	@item previously encrypted connection now unencrypted
2128	If the connection is unencrypted, but it was encrypted in previous
2129	sessions, this might mean that there is a proxy between you and the
2130	server that strips away @acronym{STARTTLS} announcements, leaving the
2131	connection unencrypted. This is usually very suspicious.
2132
2133	@item talking to an unencrypted service when sending a password
2134	When connecting to an @acronym{IMAP} or @acronym{POP3} server, these
2135	should usually be encrypted, because it's common to send passwords
2136	over these connections. Similarly, if you're sending email via
2137	@acronym{SMTP} that requires a password, you usually want that
2138	connection to be encrypted. If the connection isn't encrypted, the
2139	@acronym{NSM} will warn you.
2140
2141	@end table
2142
2143	If @code{network-security-level} is @code{high}, the following checks
2144	will be made:
2145
2146	@table @asis
2147	@item a validated certificate changes the public key
2148	Servers change their keys occasionally, and that is normally nothing
2149	to be concerned about. However, if you are worried that your network
2150	connections are being hijacked by agencies who have access to pliable
2151	Certificate Authorities that issue new certificates for third-party
2152	services, you may want to keep track of these changes.
2153	@end table
2154
2155	Finally, if @code{network-security-level} is @code{paranoid}, you will
2156	also be notified the first time the @acronym{NSM} sees any new
2157	certificate. This will allow you to inspect all the certificates from
2158	all the connections that Emacs makes.
2159
2160	The following additional variables can be used to control
2161	@acronym{NSM} details.
2162
2163	@table @code
2164	@item nsm-settings-file
2165	@vindex nsm-settings-file
2166	The @acronym{NSM} stores details on the connections in this file. It
2167	defaults to @file{~/.emacs.d/network-security.data}.
2168
2169	@item nsm-save-host-names
2170	@vindex nsm-save-host-names
2171	By default, host names will not be saved per non-@code{STARTTLS}
2172	connection. Instead a host/port hash is used to identify connections.
2173	This means that one can't casually read the settings file to see what
2174	servers the user has connected to. If this variable is @code{t}, host
2175	names will be saved in the file, too.
2176	@end table
2177
2178
2179	@node Network Servers	2076	@node Network Servers
2180	@section Network Servers	2077	@section Network Servers
2181	@cindex network servers	2078	@cindex network servers


diff --git a/etc/ChangeLog b/etc/ChangeLog index 867e4f5f09c..5d616129ad0 100644 --- a/etc/ChangeLog +++ b/etc/ChangeLog
@@ -1,3 +1,7 @@
		1	2014-11-24 Lars Magne Ingebrigtsen <larsi@gnus.org>
		2
		3	* NEWS: Mention NSM.
		4
1	2014-11-23 Lars Magne Ingebrigtsen <larsi@gnus.org>	5	2014-11-23 Lars Magne Ingebrigtsen <larsi@gnus.org>
2		6
3	* NEWS: Mention `url-request-noninteractive'.	7	* NEWS: Mention `url-request-noninteractive'.


diff --git a/etc/NEWS b/etc/NEWS index da2edb66e42..6cad6a37c1b 100644 --- a/etc/NEWS +++ b/etc/NEWS
@@ -49,6 +49,10 @@ Use './configure PKG_CONFIG=/full/name/of/pkg-config' if you need to.
49		49
50	* Changes in Emacs 25.1	50	* Changes in Emacs 25.1
51		51
		52	** Network security (TLS/SSL certificate validity and the like) is
		53	added via the new Network Security Manager (NSM) and controlled via
		54	the `network-security-level' variable.
		55
52	** C-h l now also lists the commands that were run.	56	** C-h l now also lists the commands that were run.
53		57
54	** The new M-s M-w key binding uses eww to search the web for the	58	** The new M-s M-w key binding uses eww to search the web for the