-- Leo's gemini proxy

-- Connecting to git.thebackupbox.net:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

repo: gemini-site
action: commit
revision:
path_from:
revision_from: c2a308808518fb86f9b152b97d715870e0886d56:
path_to:
revision_to:

commit c2a308808518fb86f9b152b97d715870e0886d56
Author: Solderpunk <solderpunk@sdf.org>
Date:   Fri May 22 18:43:03 2020 +0000

    Best practices for TLS cipher suites.

diff --git a/docs/best-practices.txt b/docs/best-practices.txt

--- a/docs/best-practices.txt
+++ b/docs/best-practices.txt
@@ -154,3 +154,32 @@ to a non-TLS-secured protocols like HTTP or
 Gopher, assuming the client implements
 support for these protocols.  This avoids
 unintentional plaintext transfers.
+
+### TLS Cipher suites
+
+TLS 1.2 is reluctantly permitted in
+Gemini despite TLS 1.3 being drastically
+simpler and removing many insecure
+cryptographic primitives.  This is
+because only OpenSSL seems to currently
+have good support for TLS 1.3 and so
+requiring TLS 1.3 or higher would
+discourage the use of libraries like
+LibreSSL or BearSSL, which otherwise
+have much to recommend them over
+OpenSSL.
+
+Client and server authors who choose to
+support TLS 1.2 should ideally only
+permit the use of ciphersuites which
+offer similar security to TLS 1.3.  In
+particular, such software should:
+
+* Use only Ephemeral Diffie-Hellman
+  (DHE) Ephermeral Eliptic Curve
+  Diffie-Hellman (ECDHE) for key
+  agreement, in order to provide
+  forward secrecy.
+* Use AES or ChaCha20 as bulk ciphers
+* Use SHA2 or SHA3 family hash
+  functions for message authentication.

-- Response ended

-- Page fetched on Sun Jun 2 16:33:23 2024