Jonas Smedegaard <d...@jones.dk> wrote:

> Would be nice if those knowledgeable about crypto could propose a
> shortlist of purposes, and corresponding CAs and cipher suites.

I see no reason offhand for a Box to trust any CA. That is a problem for the browsers, not a server.

To identify the box to browsers, we could create a Box project CA, get certs from some existing CA, or use self-signed certs. I'd favour the latter because it is simpler, but then we need to document a requirement that browsers check for cert changes. Without that check, self-signed certs can be replaced by an attacker.

As for cipher suites, we should very strongly prefer ones that offer perfect forward secrecy:
https://www.eff.org/deeplinks/2013/08/pushing-perfect-forward-secrecy-important-web-privacy-protection

The obvious cipher to use is AES, but it would be preferable to provide some other options as well.

"When asked to implement AES, the implementer might include the other finalists — Twofish, Serpent, RC6 and MARS — as well. This provides useful insurance against the (presumably unlikely) risk of someone finding a good attack on AES. Little extra effort is required since open source implementations of all these ciphers are readily available ... All except RC6 have completely open licenses."
http://en.citizendium.org/wiki/Block_cipher#The_AES_generation

The obvious hash to use is SHA-2, probably along with the plug-in compatible SHA-3.

> Anyone knowledgeable about crypto that can help out?

See also old discussion in this thread, and likely elsewhere too:
http://lists.alioth.debian.org/pipermail/freedombox-discuss/2011-April/001439.html