About document signing

On Mon, May 18, 2020 at 03:06:24PM +0200, kaoD wrote:
 
> I love cryptography so this is kinda my area of interest. Just to add to
> solderpunk's great reply: modern TLS with DH also adds forward secrecy,
> which is a very desirable property that GPG lacks.

I am planning for the next spec revision to state that Gemini
transactions using TLS 1.2 MUST use only a limited set of ciphersuites,
all of which will provide forward secrecy.  I will be relying on the
community to help curate a list of example code for different
languages/libraries to impose these constraints.

As I've said elsewhere, I would *love* to spec only TLS 1.3 or above,
where all options provide forward secrecy and old cruft like RC4 has
been removed.  But this would be equivalent to requiring OpenSSL, which
I'd rather not do.  As a compromise, 1.2 will be allowed but only if
used responsibly.

> Can you elaborate? What is TLS interception and how does it make TLS broken?

I imagine this is mostly in reference to companies loading their
employees' computers with browsers that have the company's own CA added
alongside the browser's defaults.  Which is not a cryptographic break of
TLS in any way.

Cheers,
Solderpunk
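
The constraint described in the message above (TLS 1.2 allowed, but only with forward-secret ciphersuites), sketched with Python's standard `ssl` module. This is an added example, not code from the thread or from the Gemini spec; the cipher string and the names `FS_CIPHER_STRING`, `make_fs_context` and `non_fs_suites` are assumptions chosen for illustration.

```python
import ssl

# Assumed OpenSSL cipher string (NOT a list taken from the Gemini spec):
# AEAD suites whose key exchange is ephemeral (EC)DH, nothing else.
FS_CIPHER_STRING = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL"


def make_fs_context():
    """Client context that refuses TLS < 1.2 and non-ephemeral TLS 1.2 suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # set_ciphers() governs TLS 1.2 and below; TLS 1.3 suites are configured
    # separately by OpenSSL and are all forward secret.
    ctx.set_ciphers(FS_CIPHER_STRING)
    return ctx


def non_fs_suites(ciphers):
    """Return names of suites that lack ephemeral key exchange.

    `ciphers` is a list of dicts shaped like SSLContext.get_ciphers() output.
    """
    bad = []
    for c in ciphers:
        if c["protocol"] == "TLSv1.3":
            continue  # every TLS 1.3 suite uses (EC)DHE
        if not c["name"].startswith(("ECDHE-", "DHE-")):
            bad.append(c["name"])  # e.g. static RSA key exchange
    return bad


if __name__ == "__main__":
    hardened = make_fs_context()
    print("hardened, non-FS suites:", non_fs_suites(hardened.get_ciphers()))

    # For comparison: OpenSSL's broader "DEFAULT" list on the same library.
    loose = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    loose.set_ciphers("DEFAULT")
    print("DEFAULT, non-FS suites: ", non_fs_suites(loose.get_ciphers()))
```

Running `non_fs_suites()` over a context's `get_ciphers()` output in a unit test gives a regression check that a later configuration change has not re-enabled a suite without forward secrecy.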
