----- Forwarded message from solderpunk <solderpunk at SDF.ORG> ----- Date: Fri, 26 Jun 2020 16:44:41 +0000 From: solderpunk <solderpunk@SDF.ORG> To: Gemini application layer protocol <gemini at lists.orbitalfox.eu> Subject: Re: TLS certificate sizes in Geminispace On Fri, Jun 26, 2020 at 05:05:22PM +0200, Felix Quei?ner wrote: > Using Kristall works and it's blazingly fast, seems to be a correct > server configuration Initially, I could not access cozylabs.eu using Bombadillo. Then I upgraded my Golang version from 1.11 to 1.14 and rebuilt Bomadillo, and now it works just fine. I have not tested it yet, but I presume that exactly the same would be true of Amfora. I tried this after realising that the crypto/ed25519 package only appeared in the Go standard library with the 1.13 release (September last year). I run Debian stable, famous for lagging behind the latest release of everthing. In this case, Debian stable was far enough behind on Go that it meant Go-based clients wouldn't work with ED25519. After the *next* Debian stable release, I imagine this will not be an issue. Already with the current stable release, Python-based clients using Python's OpenSSL binding work with ED25519 just fine. My tiny little ~100 line Lua client also works just fine, although to be fair I may have pulled in some Lua libraries from LuaRocks which are more up to date than what Debian ships with. Anyway, it seems to me that we're perhaps a year or so away from a situation where even famously slow moving and outdated distributions can handle these certs out-of-the-box with a majority of clients , so let's look forward to that faster future. In the meantime, folks who like to "live on the edge" can change earlier I will probably, contrary to my earlier claim, be a bit more conservative with gemini.circumlunar.space, because that really ought to be very widely acccessible. Also in the meantime, I encourage all authors of Gemini-related software written in Go who distribute pre-compiled binaries to compile their binaries with the latest version of Go they can. Cheers, Solderpunk
---
Previous in thread (22 of 31): 🗣️ solderpunk (solderpunk (a) SDF.ORG)
Next in thread (24 of 31): 🗣️ Paul Warren (pwarren (a) pwarren.id.au)