~apreiml/hare-tls

Initial hare-tls API pushed

Details
Message ID
<d1cbaac8-1dde-b4d8-a750-5204359e8f2b@strohwolke.at>
DKIM signature
missing
Download raw message
Hi everyone,

I've just pushed the initial TLS API. From now on I'll post breaking 
changes or major feature updates to this mailing list. Hare-tls is still 
in heavy development and currently provides no security guarantees at 
all. Use it only for experimentation and at your own risk.

Currently only ED25519 keys and server certificates are supported. You 
must need to generate them using an external tool, like openssl. State 
handling is in development so it will still fail at edge cases. The 
supported cipher suites and key exchange methods are also very limited. 
Connecting to a nginx with default configuration should work though.

Please see haredoc or take a look at the commands in the cmd folder for 
more information on how to use the module.

I'll focus on self-signed certificate validation next. Also I'll still 
clean up the state handling code and some of the hacks I've left behind.

Of course I'm open for feedback and if you use it for some neat project 
of yours, please share. I'm also open to adjust my priorities, if some 
feature is a blocker for your project.

Have Fun!
Reply to thread Export thread (mbox)