Elliptic Curve. For various reasons it’s probably time to stop toodling around the Internet with a 70’s era crypto algorithm inside our certificates. Seems to me Ed25519 is a rational choice to try to use. I’m walking into a discussion that’s been going on for years. This is not a news flash. I assumed it would be straightforward. “Stick it in the certs I make with OpenSSL, start testing with latest Chrome.” My worst problem should be spelling it right in the blog post. (is it “Ed25519” or “ED25519”?)
Yeah right. Welcome to the bleeding edge.
Continue reading Walking in the Forest of Curves
Used to be you could benignly test your dns server with gibberish terms, terms that you knew would return an error. I used “woof.bark.dog”. Well, with the current dns system, there are all sorts of top level domains, and it turns out you should not assume there’s nobody there at “.dog”. These days, there is indeed a bark.dog, and while they don’t have a server named “woof” there will be an answer back. Not only has the internet gone to the dog(s), there’s .cat, .cricket, .duck.fish, and .jaguar. So think more carefully the next time you poke DNS to see if you’re running on a live connection – it might jump up and talk back.