Closed spacesynth closed 2 years ago
ECDSA with ChaChaPoly is already supported.
If Firefox isn't automatically picking an optimal cipher suite for your hardware, maybe that can be changed in its configuration?
I don't use Firefox due to security concerns but some discussions suggests that there are such settings. Not sure how that applies to TLS 1.3, but looking for keywords such as "cipher" may return properties that can be changed.
Same, actually. I don't use Chrome due to proven security issues.
https://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452 https://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox
I've mitigated it in the meantime. It's all good.
If Firefox isn't automatically picking an optimal cipher suite for your hardware, maybe that can be changed in its configuration?
It does on every other website that supports all ciphers. Must be a negotiation problem.
Hello, I am using this to directly connect to my browser, à la
recursive unbound <--> doh-server <--> firefox
. Whilst it works amazing, I'd love support forTLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
to be added to the crypto primitives, as the server side runs on an ARM SBC.I am suggesting a preferred cryptographic cipher flag in the means of
-s, --cipher-suite
followed by an integer representing the cipher.Preferably all of them. If this is stupid or you are occupied with more important tasks and must close this issue, do not hesitate. I will be able to respect it.