TLS certificate sizes in Geminispace

colecmac at protonmail.com colecmac at protonmail.com
Thu Jul 9 17:50:59 BST 2020

Previous message (by thread): TLS certificate sizes in Geminispace
Next message (by thread): TLS certificate sizes in Geminispace
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> What is the consensus on those self-signed ED25519 certificates? Good? Bad? Ugly?

I prefer using EC keys, which are still quite small (256 bits), but are more widely
supported. The OpenSSL command is a bit annoying, but I made a gemlog post about it
to make it easier.

gemini://makeworld.gq/gemlog/2020-07-06-openssl.gmi

The *key* part of it is:
-newkey ec -pkeyopt ec_paramgen_curve:prime256v1

Cheers,
makeworld

Previous message (by thread): TLS certificate sizes in Geminispace
Next message (by thread): TLS certificate sizes in Geminispace
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list