monero icon indicating copy to clipboard operation
monero copied to clipboard

Published 20 hours ago verified publisher icon monero-project

net_ssl: Switch to elliptic curve SSL certificates

Open jeffro256 opened this issue 2 years ago • 6 comments

I opened an eariler to PR to make our net_ssl RSA certificate generation code to comply with OpenSSL 3.0, but @hyc suggested that we switch to elliptic curve SSL certificates since they are smaller and faster. These PR also complies with OpenSSL 3.0.

jeffro256 avatar May 24 '22 21:05 jeffro256

I suggested we think about it. Haven't seen much other discussion yet.

hyc avatar May 24 '22 21:05 hyc

Both patches exist now, guess we can talk about it in the next dev meeting.

selsta avatar May 24 '22 21:05 selsta

@hyc Yes, sorry should've clarified "suggested". I definitely welcome discussion about why this is a bad idea or not.

jeffro256 avatar May 24 '22 21:05 jeffro256

@vtnerd probably has an opinion on this too

selsta avatar May 24 '22 21:05 selsta

Can you force push here to rerun CI?

selsta avatar May 25 '22 21:05 selsta

rebased against master

jeffro256 avatar Jun 21 '22 03:06 jeffro256

I couldn't find a reliable cross-platform solution that didn't use non-rigid cryptography

jeffro256 avatar Sep 20 '22 18:09 jeffro256