[tech] LibreSSL and ed25519 (Re: [users] Announcing Gemini Discovery at gemini://discovery.geminiprotocol.com/)
gmym at coopdot.com
Tue Mar 16 16:07:32 GMT 2021
On Tuesday, March 16, 2021 11:40 AM, Stephane Bortzmeyer <stephane at sources.org> wrote:
> On Tue, Mar 16, 2021 at 11:30:14AM +0100,
> Omar Polo op at omarpolo.com wrote
> a message of 44 lines which said:
> > not a tls experts, but I think my issues are caused by the ed25519 key.
> > I recall reading something that libressl don't support those keys yet
> If so, this is certainly a serious problem with LibreSSL. RFC 8410,
> which added these keys in certificates, is already 2.5 years old.
> According to Lupa
> gemini://gemini.bortzmeyer.org/software/lupa/stats.gmi, 8 capsules
> use this type of key. Can you connect to them:
There are a bunch of "no shared cipher" in the log, so I guess we'll have to switch to ECDSA then. I thought ED25519 would be more widespread in capsules by now, that's what I get for forgetting valuable tools such as Lupa exists.
LibreSSL should have support for ED25519 since this commit:
More information about the Gemini