TLS certificate sizes in Geminispace

Solderpunk solderpunk at posteo.net

Fri Jul 10 10:30:38 BST 2020

- - - - - - - - - - - - - - - - - - - 

On Thu Jul 9, 2020 at 6:29 PM CEST, Petite Abeille wrote:

> On Jun 26, 2020, at 15:56, solderpunk <solderpunk at SDF.ORG> wrote:
> > cozylabs.eu achieves this feat with a single self-signed ED25519
> > certificate.
> What is the consensus on those self-signed ED25519 certificates? Good?
> Bad? Ugly?

My opinion is that they are very nice certs indeed and it would be lovely if we could all use them for everything, but we're probably a few years away from a point where a server admin can be confident that, say, 95% or more of potential visitors will be on systems where this will "just work". In the interim, ECDSA certificates using the NIST curves (yes, the ones everybody is suspicious of) are probably the best possible trade-off between small size and good support.

I've finally started work on my little super-simple certificate generator. By default it uses ECDSA with the P256 curve. You can feed it an option to use ED25519 instead. That's it, there is no support for RSA.

Cheers,
Solderpunk
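To compare the two certificate types discussed in this message, here is an added example using only the Go standard library. It is not part of the original post and is not the generator Solderpunk describes. The function name `selfSigned`, the hostname `gemini.example`, and the five-year validity period are assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// selfSigned (hypothetical name) returns a DER cert: P-256 ECDSA by default, Ed25519 on request.
func selfSigned(host string, useEd25519 bool) ([]byte, error) {
	var priv crypto.Signer
	var err error
	if useEd25519 {
		_, priv, err = ed25519.GenerateKey(rand.Reader)
	} else {
		priv, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	}
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().AddDate(5, 0, 0), // assumed lifetime
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	// Self-signed: the template is its own parent and is signed by its own key.
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, priv.Public(), priv)
}

func main() {
	for _, ed := range []bool{false, true} {
		der, err := selfSigned("gemini.example", ed) // constructed hostname
		fmt.Printf("ed25519=%v: %d bytes of DER (err=%v)\n", ed, len(der), err)
	}
}
```

Running it prints the encoded size of each certificate, so the size difference between the two key types can be checked directly; whether a given client accepts the Ed25519 one depends on its TLS library.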