Topics created by soatok@furry.engineer

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

soatok@furry.engineer

@soatok@furry.engineer

Topics

S

Me: We all know PGP is bad because it forces you to support legacy bullshit like 1024-bit RSA keys, but I'm specifically going to write a blog post about email encryption as not just a technical challenge.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized
4

0 Votes

4 Posts

0 Views

M

@soatok Meanwhile, Signal having no fallback to plaintext. And I would genuinely be *extremely* surprised if it has a fallback that allows using 1024-bit RSA in a mode where invalid certificates and incorrect certificate hostnames are accepted…Almost makes me curious if there is any way whatsoever to trick a user into having not strict_tls there. Not curious enough to go digging through the code, though.

soatok@furry.engineer

Topics

Me: We all know PGP is bad because it forces you to support legacy bullshit like 1024-bit RSA keys, but I'm specifically going to write a blog post about email encryption as not just a technical challenge.