💾 Archived View for rawtext.club › ~sloum › geminilist › 006136.gmi captured on 2023-11-14 at 09:35:14. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

<-- back to the mailing list

[tech] LibreSSL and ed25519 (Re: [users] Announcing Gemini Discovery at gemini://discovery.geminiprotocol.com/)

Katarina Eriksson gmym at coopdot.com

Tue Mar 16 16:07:32 GMT 2021

- - - - - - - - - - - - - - - - - - - 

On Tuesday, March 16, 2021 11:40 AM, Stephane Bortzmeyer <stephane at sources.org> wrote:

On Tue, Mar 16, 2021 at 11:30:14AM +0100,
Omar Polo op at omarpolo.com wrote
a message of 44 lines which said:
not a tls experts, but I think my issues are caused by the ed25519 key.
I recall reading something that libressl don't support those keys yet
If so, this is certainly a serious problem with LibreSSL. RFC 8410,
which added these keys in certificates, is already 2.5 years old.
According to Lupa
gemini://gemini.bortzmeyer.org/software/lupa/stats.gmi, 8 capsules
use this type of key. Can you connect to them:

There are a bunch of "no shared cipher" in the log, so I guess we'll have to switch to ECDSA then. I thought ED25519 would be more widespread in capsules by now, that's what I get for forgetting valuable tools such as Lupa exists.

LibreSSL should have support for ED25519 since this commit:

https://github.com/openbsd/src/commit/0ad90c3e6b15b9b6b8463a8a0f87d70c83a07ef4

--Katarina