@dietrich This is huge; thanks for sharing.

#SmallWeb #ed25519 #WebCryptoAPI

Are you into #mathematics?
Do you know #students that still look for a subject to graduate on?

Assign them to implement #Ed25519 in #Erlang.

I was informed that the #Elixir community will thank you.

Would be great if the #AppSec community like #WeHackPurple and friends could spread the word!

Here is a #poem about #Ed25519

Just upgraded my SSH authentication key to #Ed25519.

Among the choices: #ECDSA or #Ed25519? The later is not mandated by the RFCs.

#DNSSEC

@iThreepwood
Another opportunity for me to mention that #Azure does not support #ed25519 to this day 😠

And I kind if wonder why...?
@evrys

#GitHub changed their RSA SSH host key which can be the reason why any secure Git operations suddenly starting to fail.

Remove current key:
ssh-keygen -R github.com

Get new key:
ssh -T git@github.com
Confirm with yes after verifying the fingerprint with https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints.

Might be a good opportunity to switch to #ECDSA or #Ed25519 keys.

Official announcement: https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/

I'm so used to #ED25519 on #GitHub and it's almost always an "Oh!" moment when #AzureDevOps Repos says 'Invalid key: Valid keys will start with "ssh-#rsa"'

It’s 2023 and you’re designing a decentralised system based on public-key cryptography where a person’s identity(ies) are their public key(s).

Do you…

#cryptography #postQuantumCryptography #pqc #pq #ed25519 #curve25519 #x25519 #SmallWeb #Kitten

Developers, every one of your machines should have its own ssh key. Creating one is very simple. Here’s a handy one-liner by Ben McDonald that you can add as an alias to your dotfiles:

ssh-keygen -t ed25519 -f $HOME/.ssh/id_ed25519 -C "$(whoami)@$(hostname)-$(date +'%y%m%d')"

This will create those lovely tiny ed25519 keys that we all know and love (thanks, Daniel!)

https://www.mebmc.uk/posts/creating_ed25519_ssh_keys.html

#ssh #security #authentication #ed25519

In the year of the Lord 2023, #Azure #DevOps still doesn't support #ed25519.

How to move away from RSA for SSH keys

https://xeiaso.net/blog/move-away-rsa-ssh

#OpenSSH #RSA #ed25519 #security #sre #NixOS

#LibreSSL 3.7.0 has been released!

Release notes here:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.0-relnotes.txt

I'll be prepping a story submission for #undeadly next.

I already submitted a #MacPorts PR to update libressl-devel here: https://github.com/macports/macports-ports/pull/16955

(Though the CI checks are still running at the moment. Hopefully they will pass and someone with commit access can merge.)

A lot of people have been waiting for #Ed25519 support, and it appears as if some provisions along those lines are mentioned under New features.

I may have had to physically intercept the #royalmail #postman but my new #yubikeys have finally arrived! Now the dilemma - do I go with #ed25519 keys supported by my #yubikey5 or stick with #rsa as supported by my other three #yubikey4 keys? #privacy #security #ssh #pgp

A #URI type for #Ed25519 public-keys might be useful.

Maybe something like:

id:ed25519:hex.f034e38aae519cbf34c29a755f08b27ffb8175a9863405ebe572b18b65ec7fd9

(With a hexadecimal encoding.)

Which might be equivalent to

id:ed25519:b64.8DTjiq5RnL80wpp1Xwiyf_uBdamGNAXr5XKxi2Xsf9k

(With a base64url encoding.)

That way you could use it as a personal ID, in many contexts.

(I suppose this is a bit like the #acctURI )

base64 + seeded keypairs = a nice way to identify local test #Ed25519 private keys

<insert obvious disclaimer to never use this for production>

#cryptography

@usul @mab on peut aussi signer des clés #ed25519 dans la monnaie libre et en faire ce qu'on veut :)

Funny when you think I was hanging out with Daniel ages ago without a clue who he was or what he’d done.

And to think how important his work is to the Small Web (and to privacy in general in the digital and networked age)…

PS. He also happens to be a lovely, humble guy and a very engaging and funny presenter. You can do far worse than to watch his talk from the conference we met at:

https://projectbullrun.org/surveillance/2015/video-2015.html

#cryptography #ed25519 #curve25519 #x25519 #DanielJBernstein #SmallWeb

Nice to see Node.js moving ahead with experimental ed25519 support in its implementation of the Web Crypto API without waiting for browser implementations. Can’t believe it‘s taken this long.

https://nodejs.org/api/webcrypto.html#ed25519ed448x25519x448-key-pairs

(Though it looks like it might be implemented in browsers sometime this decade too… https://github.com/w3c/webcrypto/issues/196)

Until then, may I recommend the excellent (and tiny/audited) noble-ed25519 library by Paul Miller: https://github.com/paulmillr/noble-ed25519/

#cryptography #ed25519 #web #SmallWeb #SmallTech

@usul Sur l'atelier #Duniter, vous pourrez apprendre comment faire coopter votre clé #ed25519 dans la toile de confiance #Ğ1.
https://wotmap.duniter.org/