[liberationtech] DecryptoCat
Jacob Appelbaum
jacob at appelbaum.net
Tue Jul 9 11:21:47 PDT 2013
Nadim Kobeissi:
> Hi Jacob,
> You've said a lot about Cryptocat's SSL configuration — can you recommend a better configuration that is similarly compatible?
>
Hi Nadim,
I mentioned this on the cryptography list - I suggest several things.
First up - either disable all non-forward secure SSL/TLS modes or
configure a different website for those clients. In the latter case, the
website could encourage them to download a new, likely more secure
browser or it could simply inform them that you can't protect them
against important threats with such an old browser.
Secondly - I would suggest that you consider using a web-server that is
type-safe, store any key in a hardware security module, and utilize a
variety of entropy sources.
See also this set of things that can go wrong with forward secrecy:
https://www.imperialviolet.org/2013/06/27/botchingpfs.html
CryptoCat likely makes a few mistakes listed there - if not - ensure
that you document each issue, how it is mitigated and ensure you check
in your configuration files as part of CryptoCat's codebase, so that
there aren't obvious regressions.
All the best,
Jacob
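The first recommendation above (disable every non-forward-secure SSL/TLS mode) is easy to state and easy to get subtly wrong, because a cipher string that looks strict can still leave static-RSA suites enabled. The following script is an added example for this page, not code from the thread or from the Cryptocat project: it feeds a cipher string in OpenSSL syntax (the same syntax Apache's SSLCipherSuite and nginx's ssl_ciphers take) to the local OpenSSL through Python's ssl module and reports which of the suites it actually enables lack forward secrecy. The two policy strings and the name-based classification rule (ECDHE-, DHE- and TLS 1.3 suites count as forward-secret) are assumptions made for the example.

```python
"""Audit which cipher suites a TLS cipher string leaves enabled and whether
each one offers forward secrecy. Added example; not from the original thread."""
import re
import ssl

# Forward-secret key exchange means ephemeral (EC)DH. Suite names from OpenSSL
# start with ECDHE- or DHE- in that case; TLS 1.3 suites (TLS_*) always use an
# ephemeral exchange, so they are forward-secret by construction.
_FS_NAME = re.compile(r"^(ECDHE-|DHE-|TLS_)")

# Constructed policy strings for this example (OpenSSL cipher-string syntax).
WEAK_POLICY = "ALL:!aNULL:!eNULL"  # still permits static-RSA key exchange
FS_ONLY_POLICY = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL"


def is_forward_secret(name: str) -> bool:
    """Classify an OpenSSL-style suite name by its key-exchange method."""
    return bool(_FS_NAME.match(name))


def enabled_ciphers(policy: str) -> list:
    """Return the suite names the local OpenSSL enables for a cipher string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(policy)  # raises ssl.SSLError if nothing matches
    return [c["name"] for c in ctx.get_ciphers()]


def audit(policy: str) -> dict:
    """Split the enabled suites into forward-secret and non-forward-secret."""
    names = enabled_ciphers(policy)
    return {
        "forward_secret": [n for n in names if is_forward_secret(n)],
        "non_forward_secret": [n for n in names if not is_forward_secret(n)],
    }


if __name__ == "__main__":
    for label, policy in (("weak", WEAK_POLICY), ("fs-only", FS_ONLY_POLICY)):
        result = audit(policy)
        print(f"{label}: {len(result['forward_secret'])} forward-secret, "
              f"{len(result['non_forward_secret'])} without forward secrecy")
        for n in result["non_forward_secret"]:
            print("  still enabled without forward secrecy:", n)
```

Run it against the cipher string your web server is actually configured with; an empty non_forward_secret list is the condition the recommendation asks for, and keeping the script next to the checked-in configuration files gives the regression check the message asks for.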