💾 Archived View for gemi.dev › gemini-mailing-list › 000823.gmi captured on 2024-06-16 at 14:41:43. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
On Tuesday, March 16, 2021 11:40 AM, Stephane Bortzmeyer <stephane@sources.org> wrote: > On Tue, Mar 16, 2021 at 11:30:14AM +0100, > Omar Polo op@omarpolo.com wrote > a message of 44 lines which said: > > > not a tls experts, but I think my issues are caused by the ed25519 key. > > I recall reading something that libressl don't support those keys yet > > If so, this is certainly a serious problem with LibreSSL. RFC 8410, > which added these keys in certificates, is already 2.5 years old. > > According to Lupa > gemini://gemini.bortzmeyer.org/software/lupa/stats.gmi, 8 capsules > use this type of key. Can you connect to them: There are a bunch of "no shared cipher" in the log, so I guess we'll have to switch to ECDSA then. I thought ED25519 would be more widespread in capsules by now, that's what I get for forgetting valuable tools such as Lupa exists. LibreSSL should have support for ED25519 since this commit: https://github.com/openbsd/src/commit/0ad90c3e6b15b9b6b8463a8a0f87d70c83a07ef4 -- Katarina
On Tue, Mar 16, 2021 at 04:07:32PM +0000, Katarina Eriksson <gmym@coopdot.com> wrote a message of 29 lines which said: > There are a bunch of "no shared cipher" in the log, so I guess we'll > have to switch to ECDSA then. That would be too bad. Many people appreciate Ed25519 because, unlike ECDSA, it does not rely on government algorithms. I assume this would be important for some geminauts. May be instead to insist on people so that they use proper TLS libraries? Ed25519 is not so recent and has free software code available.
---
Previous Thread: [users] Announcing Gemini Discovery at gemini://discovery.geminiprotocol.com/