-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: gemini-site action: commit revision: path_from: revision_from: c2a308808518fb86f9b152b97d715870e0886d56: path_to: revision_to:
commit c2a308808518fb86f9b152b97d715870e0886d56 Author: Solderpunk <solderpunk@sdf.org> Date: Fri May 22 18:43:03 2020 +0000 Best practices for TLS cipher suites. diff --git a/docs/best-practices.txt b/docs/best-practices.txt
--- a/docs/best-practices.txt +++ b/docs/best-practices.txt @@ -154,3 +154,32 @@ to a non-TLS-secured protocols like HTTP or Gopher, assuming the client implements support for these protocols. This avoids unintentional plaintext transfers. + +### TLS Cipher suites + +TLS 1.2 is reluctantly permitted in +Gemini despite TLS 1.3 being drastically +simpler and removing many insecure +cryptographic primitives. This is +because only OpenSSL seems to currently +have good support for TLS 1.3 and so +requiring TLS 1.3 or higher would +discourage the use of libraries like +LibreSSL or BearSSL, which otherwise +have much to recommend them over +OpenSSL. + +Client and server authors who choose to +support TLS 1.2 should ideally only +permit the use of ciphersuites which +offer similar security to TLS 1.3. In +particular, such software should: + +* Use only Ephemeral Diffie-Hellman + (DHE) Ephermeral Eliptic Curve + Diffie-Hellman (ECDHE) for key + agreement, in order to provide + forward secrecy. +* Use AES or ChaCha20 as bulk ciphers +* Use SHA2 or SHA3 family hash + functions for message authentication.
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 16:33:23 2024