TLS certificate sizes in Geminispace
Case Duckworth
acdw at acdw.net
Fri Jun 26 20:29:50 BST 2020
That might be my problem as well -- looks like I'm a few dot-versions behind. Which I must admit is a little concerning if this becomes the de facto cert crypto method -- even worse than the TLS 1.2/1.3 divide.
~ acdw
On Fri, Jun 26, 2020, at 6:50 PM, Sean Conner wrote:
> It was thus said that the Great Case Duckworth once stated:
> > On Fri, Jun 26, 2020, at 3:05 PM, Felix Queißner wrote:
> > >
> > > > Unfortunately, I can't access cozylabs.eu using the `openssl s_client` tool, or actually any gemini browser, including AV-98: the error there is "ERROR: [SSL: UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS] unable to find public key parameters (_ssl.c:1108)".
> > > >
> > > > This makes me think it's an error with the server, as opposed to the ED22519 key; I'd love to try another server with this type of certificate for testing.
> > > Using Kristall works and it's blazingly fast, seems to be a correct
> > > server configuration
> > >
> > > Regards
> > > - xq
> >
> > Hm, must be an issue with my network (I'm at work) then -- sorry for clogging up the ML! I'll try again at home tonight.
>
> No, I get an error with my own too simple Gemini client:
>
> ios:write() = handshake failed: error:06FFF09C:digital envelope
> routines:CRYPTO_internal:unsupported algorithm
>
> It looks to be an issue of the TLS library not supporting the crypto
> algorithm (in my case, a few months old version of LibreSSL).
>
> -spc
>
>
More information about the Gemini
mailing list