[profanity] libmesode functionality in Profanity

Dmitry Podgorny pasis.uax at gmail.com
Sun Jun 14 23:00:07 CEST 2020


Hi,

I'd like to discuss the remaining difference between libmesode and
libstrophe. As far as I understand, the only functional feature of
libmesode is the ability to provide a callback to verify failed
certificates manually. However, I don't like this approach. When a cert
verification fails, we can't trust it, because any information can be fake
there. And it's a bad idea to ask users whether they trust a cert by checking
just a few unreliable strings. Instead, I propose the following use case:

First, libstrophe continues working based on connection TLS flags (disable,
mandatory, trust, etc). Then, on cert verification failure, the connection
disconnects, but with an error code that indicates a TLS failure. Notice that
libstrophe has the same behaviour now, but the error code needs to be unified.
Finally, a new function will be provided to retrieve the certificate from the
connection, so the application will be able to display it.

For Profanity it will look like this: when the connection is disconnected due
to a cert failure, Profanity will show help text about the danger and that the
user can use the "trust" flag at their own risk. The flag can be stored in the
account configuration as well.

What do you think about this?

Best regards,
Dmitry
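
The flow proposed in the message above, modelled as an added example (not part of the original message, and not libstrophe or Profanity code). Every identifier is hypothetical, the peer data is constructed, and the plaintext fallback when TLS is not mandatory is an assumption of the model.

```c
#include <stdio.h>
#include <string.h>

/* All names are hypothetical; they model the proposal, not libstrophe's API. */
enum tls_flag { TLS_DISABLE = 1, TLS_MANDATORY = 2, TLS_TRUST = 4 };
enum disc_reason { DISC_NONE, DISC_TLS_CERT, DISC_TLS_REQUIRED };

struct peer { int offers_tls; int cert_valid; const char *cert_subject; };
struct conn { long flags; int connected; int encrypted;
              enum disc_reason reason; const char *peer_cert; };

/* Library side: policy comes only from flags set before connecting. */
static enum disc_reason model_connect(struct conn *c, const struct peer *p)
{
    c->connected = c->encrypted = 0;
    c->reason = DISC_NONE;
    c->peer_cert = NULL;
    if (c->flags & TLS_DISABLE) { c->connected = 1; return DISC_NONE; }
    if (!p->offers_tls) {
        if (c->flags & TLS_MANDATORY) return c->reason = DISC_TLS_REQUIRED;
        c->connected = 1;              /* assumed plaintext fallback */
        return DISC_NONE;
    }
    c->peer_cert = p->cert_subject;    /* kept for display even after failure */
    if (!p->cert_valid && !(c->flags & TLS_TRUST))
        return c->reason = DISC_TLS_CERT;  /* unified TLS error, no callback */
    c->connected = c->encrypted = 1;
    return DISC_NONE;
}

/* Application side: explain the failure, never decide trust mid-handshake. */
static int app_on_disconnect(const struct conn *c, char *msg, size_t len)
{
    if (c->reason != DISC_TLS_CERT) return 0;
    snprintf(msg, len, "TLS verification failed; unverified certificate '%s'. "
             "Setting the account's trust flag accepts it at your own risk.",
             c->peer_cert ? c->peer_cert : "(none)");
    return 1;
}

int main(void)
{
    struct peer p = { 1, 0, "CN=chat.example.org" };   /* constructed sample */
    struct conn c = { TLS_MANDATORY, 0, 0, DISC_NONE, NULL };
    char msg[256];
    if (model_connect(&c, &p) == DISC_TLS_CERT && app_on_disconnect(&c, msg, sizeof msg))
        puts(msg);
    c.flags |= TLS_TRUST;   /* user opted in via account configuration */
    printf("retry with trust flag: connected=%d\n",
           model_connect(&c, &p) == DISC_NONE && c.connected);
    return 0;
}
```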