📅 Original date posted:2014-08-19
📝 Original message:On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier
<justusranvier at riseup.net> wrote:
> If that's not acceptable, even using TLS with self-signed certificates
> would be an improvement.
TLS is a huge complex attack surface, any use of it requires an
additional dependency with a large amount of difficult to audit code.
TLS is trivially DOS attacked and every major/widely used TLS
implementation has had multiple memory disclosure or remote execution
vulnerabilities even in just the last several years.
We've dodged several emergency scale vulnerabilities by not having TLS.
Gregory Maxwell [ARCHIVE] /
npub1f2…crwet
2023-06-07 15:25:19
in reply to nevent1q…62js
Author Public Key
npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwetPublished at
2023-06-07 15:25:19Event JSON
{
"id": "9f7c0ec97c55836657344e79dc58dd0b637f11c53aa16dd25fb77becd5ca5236",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686151519,
"kind": 1,
"tags": [
[
"e",
"f7d80207f3f3e09247c97d3e8c17b8e8b9ffc855be5e4ac09f019815084b2528",
"",
"root"
],
[
"e",
"aec068b7da335d7b4b2f4787d2c012392c2c461c26f1d155e3db13d9f7e852a3",
"",
"reply"
],
[
"p",
"b2b39b6f2c86908d3da9f500193abd5757b21cac328f838800a48c4d557c10dd"
]
],
"content": "📅 Original date posted:2014-08-19\n📝 Original message:On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier\n\u003cjustusranvier at riseup.net\u003e wrote:\n\u003e If that's not acceptable, even using TLS with self-signed certificates\n\u003e would be an improvement.\n\nTLS is a huge complex attack surface, any use of it requires an\nadditional dependency with a large amount of difficult to audit code.\nTLS is trivially DOS attacked and every major/widely used TLS\nimplementation has had multiple memory disclosure or remote execution\nvulnerabilities even in just the last several years.\n\nWe've dodged several emergency scale vulnerabilities by not having TLS.",
"sig": "24bf5ddf4b0f130e348bcc1ba962f35c699ea499d3e14acf556aa0a4d4d3a3dd2cfaad08139269ed32dcd39103adadc3abc0008ce33b8848aa43220e2931994b"
}