I know it will take time, but the Fediverse developers should strongly consider making the following opinionated technical decisions:

- Use RFC 9421 instead of the earlier HTTP Signature spec.
- Make Ed25519 the default algorithm, not 2048-bit RSA.

Ed25519 has a lot of advantages over RSA and ECDSA.

Over 2048-bit RSA:

- Shorter signatures
- Shorter keys (both secret and public), less storage/bandwidth overhead
- More security (112-bit vs 126-bit)

Over ECDSA:

- It's much faster than ECDSA
- You don't have to worry about biased nonces leaking your secret key through lattice reduction
- Tuned for security (no weird parameters)

Over both RSA and ECDSA:

- EdDSA is constructed to provide Exclusive Ownership, which is a stronger notion of security
- Easier to implement in constant-time

Bonus:

Ed25519 is approved for use in FedRAMP systems (FIPS 186-5), which Common Criteria sometimes cares about.

See more here: ianix.com/pub/ed25519-deployme and keylength.com/en/4/
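The following is an added example, not part of the original post and not code from any Fediverse project: it builds an RFC 9421 signature base for an inbox delivery, signs it with Ed25519 using Node's built-in `crypto`, and compares signature and public-key sizes against 2048-bit RSA. The host names, key id, `created` timestamp and the choice of covered components are constructed assumptions; the RSA signature uses PKCS#1 v1.5 with SHA-256 purely for the size comparison.

```javascript
const crypto = require('crypto');

// Constructed sample request (hypothetical hosts, path and actor).
const body = JSON.stringify({ type: 'Follow', actor: 'https://social.example/users/alice' });
const request = {
  method: 'POST', authority: 'remote.example', path: '/users/bob/inbox',
  headers: { 'content-digest': 'sha-256=:' + crypto.createHash('sha256').update(body).digest('base64') + ':' },
};

// RFC 9421 signature base: one line per covered component, then "@signature-params" last.
function signatureBase(req, covered, params) {
  const derived = { '@method': req.method, '@authority': req.authority, '@path': req.path };
  const lines = covered.map((id) => {
    const value = id.startsWith('@') ? derived[id] : req.headers[id];
    if (value === undefined) throw new Error(`covered component missing: ${id}`);
    return `"${id}": ${value}`;
  });
  const sigParams = `(${covered.map((id) => `"${id}"`).join(' ')})` +
    `;created=${params.created};keyid="${params.keyid}";alg="${params.alg}"`;
  return { base: lines.join('\n') + `\n"@signature-params": ${sigParams}`, sigParams };
}

function demo() {
  const covered = ['@method', '@authority', '@path', 'content-digest'];
  const params = { created: 1700000000, keyid: 'https://social.example/users/alice#ed25519-key', alg: 'ed25519' };
  const { base, sigParams } = signatureBase(request, covered, params);
  const ed = crypto.generateKeyPairSync('ed25519');
  const rsa = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const edSig = crypto.sign(null, Buffer.from(base), ed.privateKey);       // Ed25519 hashes internally
  const rsaSig = crypto.sign('sha256', Buffer.from(base), rsa.privateKey); // size comparison only
  // The verifier rebuilds the base from the request it received; a different path must not verify.
  const tampered = signatureBase({ ...request, path: '/users/carol/inbox' }, covered, params).base;
  return {
    headers: { 'Signature-Input': `sig1=${sigParams}`, Signature: `sig1=:${edSig.toString('base64')}:` },
    valid: crypto.verify(null, Buffer.from(base), ed.publicKey, edSig),
    tamperedValid: crypto.verify(null, Buffer.from(tampered), ed.publicKey, edSig),
    sizes: {
      edSignature: edSig.length, rsaSignature: rsaSig.length,
      edPublicKeyDer: ed.publicKey.export({ type: 'spki', format: 'der' }).length,
      rsaPublicKeyDer: rsa.publicKey.export({ type: 'spki', format: 'der' }).length,
    },
  };
}

console.log(demo());
```

The `sizes` field shows the bandwidth difference per signed delivery: a 64-byte Ed25519 signature against a 256-byte RSA-2048 one, with a similarly smaller DER-encoded public key.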

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
