[tech] support for Ed25519 in clients

Johann Galle johann at qwertqwefsday.eu
Wed Apr 7 23:33:39 BST 2021


Since implementing automatic certificate generation in Agate and choosing
Ed25519 as the default algorithm over ECDSA [1], I have received multiple
complaints about server operators not being able to connect to their own
servers because clients seemingly did not support this signing algorithm.

Some that were mentioned by name were Ariane, Deedum and portal.mozz.us.
I have to agree with Stéphane that this should not be the case, and other
people raised concerns about which TLS libraries are used as well.

Although I will most likely have to switch the default algorithm to ECDSA
since support for Ed25519 seems so bad, please check if a browser that
you maintain (or the library it uses respectively) does support Ed25519.
If it does not, please reconsider the library choice.


[1] The reasoning being mainly derived from what followed in this thread:

     It would be interesting to see if this has made any impact towards
     quantitative usage of Ed25519 according to Lupa.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xA4EFCC5A6174FB0F.asc
Type: application/pgp-keys
Size: 3131 bytes
Desc: OpenPGP public key
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20210408/0bb8ebc2/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20210408/0bb8ebc2/attachment-0001.sig>

More information about the Gemini mailing list