archive snowblossom slack dev
prev 2018-09-18 next
2018-09-18 16:53:24
Fireduck
ah, there is a medium way to annoy people without notifying all mobile devices
2018-09-18 16:55:06
fydel
i think most people have disabled these kind of messages in slack or discord.
2018-09-18 16:56:43
Fireduck
sure. I don't want to do @ channel because that will go to mobile
2018-09-18 17:06:14
fydel
ah. okay. :smile:
2018-09-18 17:46:24
Rotonen
slack caters to real communications needs
2018-09-18 17:47:52
Fireduck
I really like it
2018-09-18 19:16:53
Fireduck
ok, hell yeah. I got the TLS working nicely with my custom trust manager and can embed data into the cert.
2018-09-18 19:17:15
Fireduck
So the cert will have the snowblossom address spec encoded in it
2018-09-18 19:18:11
Fireduck
so when we connect to a server, all we need to know is the hostname and expected snowblossom address and the cert needs to have a address spec that matches that address and be signed by the key required for that address spec
2018-09-18 19:18:38
Fireduck
downside is this shitshow ssl library only supports some curves, but can't win them all
2018-09-18 19:19:10
Fireduck
I guess as long as we aren't saving certs in the peer gossip, no real harm in just using RSA for the TLS
2018-09-18 19:19:21
Fireduck
keep is simple and avoid the curve soup game
2018-09-18 19:33:22
Rotonen
say, are those the nsa provided curves by any chance?
2018-09-18 19:33:39
Fireduck
yes
2018-09-18 19:34:01
Fireduck
secp256r1 is supported, secp256k1 is not
2018-09-18 19:34:21
Rotonen
i’m rather tempted to paste admiral ackbar
2018-09-18 19:34:42
Fireduck
yeah, there are absolutely guys at the NSA trying to make crypto stronger.
2018-09-18 19:34:56
Fireduck
There are absolutely guys at the NSA trying to break crypto
2018-09-18 19:35:00
Fireduck
hard to say which is which
2018-09-18 19:35:21
Rotonen
the curve fitting undisclosure made the whole community antsy
2018-09-18 19:35:43
Fireduck
right, never trust random numbers with no clear source
2018-09-18 19:35:56
Rotonen
and yeah, no one can make heads or tails, which might just as well be the point too
2018-09-18 19:37:16
Fireduck
but yeah, I really don't want to have random nodes that can't talk to other nodes because of curve problems so makes sense to just use RSA keys for all the node to node communication
2018-09-18 19:37:55
Rotonen
4k RSA should still have years left
2018-09-18 19:38:26
Fireduck
sure, and this isn't super high security needs
2018-09-18 20:03:46
Fireduck
ok, now that it works I need to refactor everything I've done to not be a complete mess
2018-09-18 20:03:51
Fireduck
oh well, that is how exploration goes
2018-09-18 20:05:51
Clueless
woo
2018-09-18 20:06:13
Fireduck
to be clear, the part that works is using TLS to make connections
2018-09-18 20:06:25
Fireduck
There is still quite a lot of work to do on this project
2018-09-18 21:53:26
Rotonen
i think the wider audience does not care unless it is a gui wallet with integrated mining
2018-09-18 21:54:17
Fireduck
The wider audience elected Trump
2018-09-18 21:55:05
Fireduck
Mass appeal isn't a game we are likely to win, at least not at first
2018-09-18 22:01:24
Rotonen
that’s a goalpost move, but yep