From: "Michael Ströder" <michael@stroeder.com>
To: galene@lists.galene.org
Subject: [Galene] Re: Heads up: Galène generates self-signed certificates
Date: Wed, 24 Feb 2021 20:47:40 +0100 [thread overview]
Message-ID: <9fb4bedf-0195-7515-dc54-2d225504f874@stroeder.com> (raw)
In-Reply-To: <87mtvtqn5d.wl-jch@irif.fr>
Disclaimer:
Yes, sometimes I have very strong opinions too. ;-)
But my words are definitely not meant as personal offense.
On 2/24/21 8:30 PM, Juliusz Chroboczek wrote:
> I implemented
> automatic generation of self-signed certificates if a certificate is not
> found in the data/ directory.
Hmm, given that
1. it's bad practice to let the user click accept-this-weird-stuff
buttons and
2. that browsers are already making it more difficult or almost
impossible for inexperienced end users to accept bad certs
it's IMHO not very useful.
> 1. If you're currently using a real certificate (stored in data/cert.pem
> and data/key.pem), there's nothing to do. The only difference is that
> Galène will notice when you update the certificate, and load the new
> certificate automatically.
Does it also check whether cert and key match, e.g. have same RSA
modulus? That's one of the very common configuration errors. And when
automatically reloading two files there is a race condition.
If at least one of cert.pem and key.pem are present but it does not
work, please ensure that it fails early, fails hard. An accidential
fall-back to a transient self-signed cert has to be strictly avoided.
> The self-signed certificate uses 2048-bit RSA, which I understand is
> compatible with all browsers. I could easily generate ed25519 or P-256
> instead, if you understand the crypto please let me know what to do.
A transient self-signed cert gives no security at all, not even
TOFU-based. So it's waste of time to seriously think about the crypto stuff.
Ciao, Michael.
next prev parent reply other threads:[~2021-02-24 19:47 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-24 19:30 [Galene] " Juliusz Chroboczek
2021-02-24 19:47 ` Michael Ströder [this message]
2021-02-24 21:16 ` [Galene] " Juliusz Chroboczek
2021-02-24 21:24 ` Juliusz Chroboczek
2021-02-24 21:29 ` Dave Taht
2021-02-24 21:55 ` Toke Høiland-Jørgensen
2021-02-24 21:57 ` Michael Ströder
2021-02-24 22:25 ` Juliusz Chroboczek
2021-02-24 22:02 ` Juliusz Chroboczek
2021-02-24 21:44 ` Michael Ströder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9fb4bedf-0195-7515-dc54-2d225504f874@stroeder.com \
--to=michael@stroeder.com \
--cc=galene@lists.galene.org \
--subject='[Galene] Re: Heads up: Galène generates self-signed certificates' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox