23 Apr 2025 |
Irenes | oh I see, mTLS is TLS with mutual authentication | 20:40:06 |
Irenes | excellent | 20:40:09 |
Irenes | I'm highly supportive of that | 20:40:12 |
Irenes | I had to look it up :) I had it in my head that it was a UDP-based TLS-like, which I know a lot less about | 20:40:26 |
Irenes | also, for programmatically initiating client connections with TLS you have several robust libraries you can use - openssl, libressl, boringssl, ... | 20:41:17 |
Irenes | with SSH you have one choice and it's libssh | 20:41:29 |
Irenes | it's not a bad library, but, it can be nice to know that there are alternatives if you ever find yourself going in a different direction than upstream | 20:42:04 |
Irenes | the SSH protocol kind of stopped getting new features a while ago, like, it's nominally still maintained but most of the love has gone towards TLS | 20:43:12 |
Irenes | not that new and shiny is always good, but, these are security and production features, you know? | 20:43:22 |
Irenes | ssh itself gets new stuff all the time, just, the protocol is kinda ... well, I said it already | 20:43:52 |
Irenes | okay | 20:44:02 |
Irenes | sorry for the lecture! | 20:44:05 |
Irenes | I offer this only to inform, because it's an area I've dug into, I am happy to go along with whatever people want | 20:44:21 |
Irenes | and of course it's not decided this is happening at all | 20:44:27 |
Irenes | but yeah | 20:44:30 |
Charles | oh huh so did i | 23:57:30 |
hexa | dTLS is that | 23:59:56 |
24 Apr 2025 |
Irenes | ahh | 00:00:06 |
hexa | * DTLS is that | 00:00:10 |
Irenes | it's almost as if the convenient acronyms aren't so much :) | 00:00:16 |
Irenes | thank you | 00:00:20 |
hexa | I swear there was a security issue around DTLS that had a name | 00:00:58 |
hexa | was it Heartbleed? | 00:01:34 |
hexa | oh, but that also affected TLS | 00:02:13 |
Irenes | was it the one based on the weird three-way handshake | 00:05:47 |
Irenes | I remember about ten years ago Cloudflare announced something fancy about their handshakes, and a few months later someone announced a vulnerability suspiciously similar to the thing Cloudflare bragged about | 00:06:27 |
Irenes | (though Cloudflare's thing was clearly "okay") | 00:06:37 |
Irenes | but this is a very hazy memory | 00:06:40 |
Irenes | I think it was probably closer to 15 years ago | 00:06:47 |
Irenes | I didn't think it was UDP-related though | 00:07:17 |