πΎ Archived View for gem.benscraft.info βΊ mailing-list βΊ threads βΊ 166 captured on 2021-12-05 at 23:47:19. Gemini links have been rewritten to link to archived content
β¬ οΈ Previous capture (2021-12-03)
-=-=-=-=-=-=-
- Johann Galle <johann at qwertqwefsday.eu>
@ Thu, 08 Apr 2021 00:33 +0200
In reply to
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Hello,
Since implementing automatic certificate generation in Agate and choosing
Ed25519 as the default algorithm over ECDSA [1], I have received multiple
complaints about server operators not being able to connect to their own
servers because clients seemingly did not support this signing algorithm.
Some that were mentioned by name were Ariane, Deedum and portal.mozz.us.
I have to agree with StΓ©phane that this should not be the case, and other
people raised concerns about which TLS libraries are used as well.
Although I will most likely have to switch the default algorithm to ECDSA
since support for Ed25519 seems so bad, please check if a browser that
you maintain (or the library it uses respectively) does support Ed25519.
If it does not, please reconsider the library choice.
Regards,
Johann
[1] The reasoning being mainly derived from what followed in this thread:
<https://lists.orbitalfox.eu/archives/gemini/2021/006134.html>
Β Β Β It would be interesting to see if this has made any impact towards
Β Β Β quantitative usage of Ed25519 according to Lupa.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
OpenPGP_0xA4EFCC5A6174FB0F.asc
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- StΓ©phane Bortzmeyer <stephane at sources.org>
@ Sun, 11 Apr 2021 08:27 +0200
In reply to Johann Galle <johann at qwertqwefsday.eu>
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
On Thu, Apr 08, 2021 at 12:33:39AM +0200,
Johann Galle <johann@qwertqwefsday.eu> wrote
a message of 170 lines which said:
choosing Ed25519 as the default algorithm over ECDSA [1], I have
received multiple complaints about server operators not being able
to connect to their own servers because clients seemingly did not
support this signing algorithm.
Lupa <gemini://gemini.bortzmeyer.org/software/lupa/stats.gmi> shows
that indeed only a small minority of capsules use Ed25519. There is
probably a chicken-and-egg probleme here, since client support, as you
noticed, is poor, which does not motivate capsulemasters.
This is a serious problem for Gemini. Ed25519 in TLS was standardized
in RFC 8410 <gemini://gemini.bortzmeyer.org/rfc-mirror/rfc8410.txt>,
more than two years ago. And of course, it is much older than that, so
all TLS implementations should have it by now. The Web has no such
problem.
Ed25519 has two characteristics:
a strength, since there was documented evidence of standard
development organizations like NIST tampering with the security of
algorithms, to make surveillance easier,
So I do not really see why someone would like to use exotic TLS
libraries without Ed25519.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Jason McBrayer <jmcbray at carcosa.net>
@ Mon, 12 Apr 2021 11:59 -0400
In reply to StΓ©phane Bortzmeyer <stephane at sources.org>
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
StΓ©phane Bortzmeyer writes:
So I do not really see why someone would like to use exotic TLS
libraries without Ed25519.
Do we have a list of which libraries do not include Ed25519?
--
Jason McBrayer | βStrange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.β
| β Robert W. Chambers,The King in Yellow
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Kelson Vibber <kelson at pobox.com>
@ Mon, 12 Apr 2021 14:04 -0700
In reply to Jason McBrayer <jmcbray at carcosa.net>
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
> Do we have a list of which libraries do not include Ed25519?
It looks like it was only recently added to plain Java in JDK 15:
https://seanjmullan.org/blog/2020/10/13/jdk15
That may be why both of the Android clients I tried (Ariane and Deedum)
were unable to connect when I used a default-generated cert from Agate.
FWIW, it also looks like neither Chromium nor Firefox supports Ed25519
signatures
https://security.stackexchange.com/questions/236931/whats-the-deal-with-x25519-support-in-chrome-firefox
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Michael Lazar <lazar.michael22 at gmail.com>
@ Mon, 12 Apr 2021 17:55 -0400
In reply to Jason McBrayer <jmcbray at carcosa.net>
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
On Mon, Apr 12, 2021 at 11:59 AM Jason McBrayer <jmcbray@carcosa.net> wrote:
StΓ©phane Bortzmeyer writes:
> So I do not really see why someone would like to use exotic TLS
> libraries without Ed25519.
Do we have a list of which libraries do not include Ed25519?
portal.mozz.us is using openssl 1.0.2k from the Centos 7 repo [0],
which is still supported, but old enough that it doesn't include
ed25519.
- Michael
[0] https://centos.pkgs.org/7/centos-updates-x86_64/openssl-1.0.2k-21.el7_9.x86_64.rpm.html
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Jason McBrayer <jmcbray at carcosa.net>
@ Tue, 13 Apr 2021 09:56 -0400
In reply to Michael Lazar <lazar.michael22 at gmail.com>
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Michael Lazar writes:
On Mon, Apr 12, 2021 at 11:59 AM Jason McBrayer <jmcbray@carcosa.net> wrote:
>
> StΓ©phane Bortzmeyer writes:
>
> > So I do not really see why someone would like to use exotic TLS
> > libraries without Ed25519.
>
> Do we have a list of which libraries do not include Ed25519?
portal.mozz.us is using openssl 1.0.2k from the Centos 7 repo [0],
which is still supported, but old enough that it doesn't include
ed25519.
Yeah, that doesn't surprise me too much. I am a little surprised that
it's newer (1.1.1d) in Debian stable, but it's probably just a release
cycle thing. It looks like ed25519 support appears in OpenSSL 1.1.1.
--
Jason McBrayer | βStrange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.β
| β Robert W. Chambers,The King in Yellow
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ