12 Feb: Camellia Appreciation Day!
Moderators: FranklinDM, Lootyhoof
12 Feb: Camellia Appreciation Day!
Wednesday February 12th 2020 will be Camellia Appreciation Day on this forum!
That day we will only allow browsers on this forum that support the strong and mature Camellia cipher for encryption.
We will also extend this to the main website's optional https.
We will do this to voice our support for this very much underappreciated cipher that, to this day, has no known cryptographic vulnerabilities or weaknesses (unlike the much-used AES). It is also a modern, mature and secure cipher that has been approved and certified by the IETF, ISO/IEC, NESSIE and CRYPTREC.
In its full implementation as used on the Internet, the cipher is completely unbroken; there are also no known successful attacks that weaken the cipher considerably.
While it is currently only adopted as a block cipher in mainstream libraries (including NSS and OpenSSL), it is fairly easy to extend this to include GCM (Galois/Counter Mode) to further strengthen suites that use Camellia. In fact, Pale Moon for a while had included GCM suites with Camellia, but considering there was no interest by SSL library makers commonly used for server implementations, this maintenance burden was removed to be able to continue to use unpatched versions of NSS.
More information on the cipher for those interested in the technicalities: https://en.wikipedia.org/wiki/Camellia_(cipher)
That day we will only allow browsers on this forum that support the strong and mature Camellia cipher for encryption.
We will also extend this to the main website's optional https.
We will do this to voice our support for this very much underappreciated cipher that, to this day, has no known cryptographic vulnerabilities or weaknesses (unlike the much-used AES). It is also a modern, mature and secure cipher that has been approved and certified by the IETF, ISO/IEC, NESSIE and CRYPTREC.
In its full implementation as used on the Internet, the cipher is completely unbroken; there are also no known successful attacks that weaken the cipher considerably.
While it is currently only adopted as a block cipher in mainstream libraries (including NSS and OpenSSL), it is fairly easy to extend this to include GCM (Galois/Counter Mode) to further strengthen suites that use Camellia. In fact, Pale Moon for a while had included GCM suites with Camellia, but considering there was no interest by SSL library makers commonly used for server implementations, this maintenance burden was removed to be able to continue to use unpatched versions of NSS.
More information on the cipher for those interested in the technicalities: https://en.wikipedia.org/wiki/Camellia_(cipher)
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Re: 12 Feb: Camellia Appreciation Day!
Binary Outcast shall join in with this activity. BinOC's site and the Regolith Server which contains Phoebus Add-ons Backend (all the Add-ons Sites) plus the Pale Moon Developer Wiki (such that it is) will likewise match Moonchild Productions SSL server configuration in support for this superior cipher on the 12th.
Re: 12 Feb: Camellia Appreciation Day!
It seems that only GnuTLS supports Camellia GCM mode. Neither OpenSSL nor Mozilla NSS support Camellia GCM mode.
(my NSS 3.21.4 with AES256-GCM-SHA384 and ChaCha20-Poly1305 support added has Camellia GCM patch included but I don't have server to test)
(my NSS 3.21.4 with AES256-GCM-SHA384 and ChaCha20-Poly1305 support added has Camellia GCM patch included but I don't have server to test)
Last edited by roytam1 on 2020-02-10, 09:29, edited 1 time in total.
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
And how exactly am I to get this for my NewMoon community Mac build?
Re: 12 Feb: Camellia Appreciation Day!
What does macintosh have to do with anything?KlarkKentThe3rd wrote: ↑2020-02-10, 09:16And how exactly am I to get this for my NewMoon community Mac build?
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
I looked in the Palemoon extension store, and it's not there.
Re: 12 Feb: Camellia Appreciation Day!
All versions of Pale Moon (and other UXP applications) have Camellia in their available ciphers by default. No need to do anything.
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
Comprehensive reading isn't one of your strong suits, is it?
Yes to the first, no to the second.
Yes to the first, no to the second.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
Thank you for being straight to the point, as usual
The thing is, if it is turned on, how does one turn it off then? (let's say one has a stupid reason such as curiosity)
Re: 12 Feb: Camellia Appreciation Day!
Why do you want to turn it off. Almost no one supports it despite it being one of the most secure ciphers we have and in its full implementation form it has no weaknesses unlike AES. That is the whole POINT of us doing an appreciation day. To raise some awareness and.. appreciate it. Turning it off, assuming you can and assuming anyone tells you how, doesn't SOUND very appreciative. Does it?KlarkKentThe3rd wrote: ↑2020-02-10, 10:03The thing is, if it is turned on, how does one turn it off then?
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
I never made a browser, so I wanted to know if such things are user controlled. As I hinted, reason is curiosity.
Re: 12 Feb: Camellia Appreciation Day!
Any supported suite is under the user's control. It's why we have the security.ssl3.* preferences in about:config.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: 12 Feb: Camellia Appreciation Day!
If you want an easier way to look at the extra preferences without digging in about:config, install Pale Moon Commander, it will add an additional Advanced Preferences dialog invoked from the Tools menu. Don't change these settings unless you know what they're for (though there is a helpful option to reset them to default).KlarkKentThe3rd wrote: ↑2020-02-10, 10:20I never made a browser, so I wanted to know if such things are user controlled. As I hinted, reason is curiosity.
After you install it, go to Tools -> Advanced Preferences -> Security -> Ciphers 1 to see the available ciphers and their enabled/disabled state, Camellia is listed here. Again, don't mess with these settings or you'll end up breaking some sites.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
-
- Astronaut
- Posts: 556
- Joined: 2018-04-20, 20:31
Re: 12 Feb: Camellia Appreciation Day!
“That day we will only allow browsers on this forum that support the strong and mature Camellia cipher for encryption.”
So what will a browser that does not support Camellia cipher see? The back-chat should be interesting.
So what will a browser that does not support Camellia cipher see? The back-chat should be interesting.
Stay away from crowds.
Re: 12 Feb: Camellia Appreciation Day!
They will see a connection error.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: 12 Feb: Camellia Appreciation Day!
Thank you. Supporting Camellia and your overall approach is what makes Pale Moon an oasis of sanity in a sea of stupid.They will see a connection error.
Stay away from crowds.
Re: 12 Feb: Camellia Appreciation Day!
And your point being?
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite