[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL
From: |
Tomas Hozza |
Subject: |
Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL |
Date: |
Mon, 21 Jul 2014 04:27:17 -0400 (EDT) |
----- Original Message -----
> On 17/07/14 13:49, Tomas Hozza wrote:
> > I agree. The patch didn't take any configuration possibility from the user.
> > The users would be able to configure whatever in the same way they were
> > before.
> >
> > Please really see some of those patches I sent. The discussion was little
> > bit confusing at some points ~ like the intentions were interpreted
> > differently.
> >
> > Regards,
>
> I still strongly oppose to the patch. If the user configures wget to
> only use Perfect
> Forward Security, and your patch makes wget connect to a server not
> using it you
> are overriding user configuration (in the weakening direction).
> See my last email for details.
I still didn't manage to look at this closer. However I agree with you
this is not good. Thank you for pointing this out!
I already contacted the Fedora Feature owner (who is proposing these
changes) and will not try to change ciphers list until he comments on
this issue. This issue could have much broader impact than just on wget.
> Patch v3 also seem to coalesce the different options of
> --secure-protocol if using
> GnuTLS, which IMHO doesn't make sense either.
I kind of agree.
> PS: s/cipers/ciphers/ in v3
Thanks.
Regards,
--
Tomas Hozza
Software Engineer - EMEA ENG Developer Experience
PGP: 1D9F3C2D
Red Hat Inc. http://cz.redhat.com
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, (continued)
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Ángel González, 2014/07/12
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Giuseppe Scrivano, 2014/07/15
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Tomas Hozza, 2014/07/17
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Giuseppe Scrivano, 2014/07/17
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Ángel González, 2014/07/18
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Darshit Shah, 2014/07/19
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL, Tomas Hozza, 2014/07/21
- Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL,
Tomas Hozza <=