Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> I'm not aware of any serious use of RFC 6091.

Was it really your intention to dismiss my application¹ as not serious?

https://www.recompile.se/mandos



It may be serious but I wasn't aware of it.

It seems your project could use x509 client certs as well as gpg ones if you wanted to use a different TLS library that didn't support GPG.


That seems like a bit of circular reasoning.

We use RFC 6091 because it’s the best fit for our problem, and allows us to avoid the needless complexity of X.509 certificates, which has caused many bugs in the past (in essentially all TLS libraries).


Using an obscure feature of one TLS library seems like a bad strategy for avoiding bugs.

If compatibility doesn't matter, I'd probably use something less crufty, like http://noiseprotocol.org/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: