Closed cloudrac3r closed 3 years ago
I chose Elliptic Curve (EC) over RSA (the ecparam parameter) as the algorithm because from my reading, EC is more performant, which I thought might be important for a Raspberry Pi type server.
See http://ww1.microchip.com/downloads/en/DeviceDoc/00003442A.pdf for more information; however, I haven't actually tested whether it's true in this use case.
I chose the curve secp384r1 (NIST/SECG curve over a 384 bit prime field) because it's widely supported. It's got another name of P-384 and features in the baseline requirements for certificate authorities and NIST's Suite B.
While P-521 (secp521r1) would be "more secure" on paper, Chromium dropped support for it - https://bugs.chromium.org/p/chromium/issues/detail?id=478225 - not sure why. Maybe it's too secure.
There's some controversy over whether to use NIST curves, but I don't know the status of client support for ED25519. This blog post goes into a bit of detail: https://blog.pinterjann.is/ed25519-certificates.html
Perhaps in the Gemini world, we can go straight to ED25519, but I haven't tested a range of Gemini clients against the server implementation, so I went with a "safe" choice for compatibility. If you felt like testing out what TLS certificates various Gemini clients can deal with, that would be really interesting to read.
Go has support for generating certificates without OpenSSL; it's in the issues list (#1) to generate a certificate if one isn't provided. I think that would be a great change.
I chose 10 years for validity just because it's a long time.
I'm not a cryptography expert though - I'm happy to be corrected on anything I've gotten wrong by anyone who reads this, and I'm happy to take advice on better example configuration.
Hope that helps!
That is really helpful, thank you for the full explanation!
(Feel free to close this, but it might be good to add to some documentation somewhere.)
Thanks, I think this issue documents the thinking pretty well for anyone that's interested, so I'll just close it (I'll add an ARCHITECTURE.md file if there's interest from people to get stuck into the code). I'm looking into the TLS support at the moment, because there are some Gemini browsers that currently only have TLS 1.2 support out there in the wild (#6). I might need to add a flag to enable, or just outright enable TLS 1.2.
(from the README.)
Just wondering, how did you decide on these specific options to openssl?