Coder Social home page Coder Social logo

Comments (6)

cofyc avatar cofyc commented on June 3, 2024 1

@montvid Updated in 9d0a793.

from dnscrypt-wrapper.

cofyc avatar cofyc commented on June 3, 2024

Seems reasonable. I will update docs first suggesting user to generate short-term key pairs and use key-rotation mechanism.

from dnscrypt-wrapper.

avatar commented on June 3, 2024

Use of ephemeral keys could possibly be used as a template as seen here: https://dnscrypt.is (d0wn's Icelandic servers).

from dnscrypt-wrapper.

cofyc avatar cofyc commented on June 3, 2024

Docs was updated in #113. I am not going to change the default value of --cert-file-expire-days, because it may violate user expectation.

from dnscrypt-wrapper.

montvid avatar montvid commented on June 3, 2024

@cofyc User expectation is safe default settings. The protocol specification has always recommended to keep/use a key for no more than 24 hours comment here. The problem is between you and the people who created dnscrypt - not the users. The creators of dnscrypt put a warning into the code you choose to ignore. You think you know better than the creators of dnscrypt? Users depend on your default settings to be safe so if something bad happens they will blame you not dnscrypt as you don't use recommended defaults!!! I will definitely not use a service that has 1 key for 365 days because if it is compromised all the data of <=365 days is harvested!
Wikipedia article
@X8716e ephemeral keys use too much cpu on a standard openwrt router and https://dnscrypt.is does not have a 24h key rotation so I am not going to use it.

from dnscrypt-wrapper.

montvid avatar montvid commented on June 3, 2024

Thanks a lot. Now lets hope more of the servers will implement it. Nice that jedisct1 is running one in France.

from dnscrypt-wrapper.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.