12 Feb: Camellia Appreciation Day!

About this bulletin board and the Pale Moon website

Moderators: FranklinDM, Lootyhoof

User avatar
Admin
Site Admin
Site Admin
Posts: 405
Joined: 2012-05-17, 19:06

12 Feb: Camellia Appreciation Day!

Unread post by Admin » 2020-02-09, 22:04

Wednesday February 12th 2020 will be Camellia Appreciation Day on this forum!

That day we will only allow browsers on this forum that support the strong and mature Camellia cipher for encryption.
We will also extend this to the main website's optional https.

We will do this to voice our support for this very much underappreciated cipher that, to this day, has no known cryptographic vulnerabilities or weaknesses (unlike the much-used AES). It is also a modern, mature and secure cipher that has been approved and certified by the IETF, ISO/IEC, NESSIE and CRYPTREC.
In its full implementation as used on the Internet, the cipher is completely unbroken; there are also no known successful attacks that weaken the cipher considerably.
While it is currently only adopted as a block cipher in mainstream libraries (including NSS and OpenSSL), it is fairly easy to extend this to include GCM (Galois/Counter Mode) to further strengthen suites that use Camellia. In fact, Pale Moon for a while had included GCM suites with Camellia, but considering there was no interest by SSL library makers commonly used for server implementations, this maintenance burden was removed to be able to continue to use unpatched versions of NSS.

More information on the cipher for those interested in the technicalities: https://en.wikipedia.org/wiki/Camellia_(cipher)
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Image

New Tobin Paradigm

Re: 12 Feb: Camellia Appreciation Day!

Unread post by New Tobin Paradigm » 2020-02-09, 22:22

Binary Outcast shall join in with this activity. BinOC's site and the Regolith Server which contains Phoebus Add-ons Backend (all the Add-ons Sites) plus the Pale Moon Developer Wiki (such that it is) will likewise match Moonchild Productions SSL server configuration in support for this superior cipher on the 12th.

roytam1

Re: 12 Feb: Camellia Appreciation Day!

Unread post by roytam1 » 2020-02-10, 08:53

It seems that only GnuTLS supports Camellia GCM mode. Neither OpenSSL nor Mozilla NSS support Camellia GCM mode.
(my NSS 3.21.4 with AES256-GCM-SHA384 and ChaCha20-Poly1305 support added has Camellia GCM patch included but I don't have server to test)
Last edited by roytam1 on 2020-02-10, 09:29, edited 1 time in total.

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 09:16

And how exactly am I to get this for my NewMoon community Mac build?

New Tobin Paradigm

Re: 12 Feb: Camellia Appreciation Day!

Unread post by New Tobin Paradigm » 2020-02-10, 09:18

KlarkKentThe3rd wrote:
2020-02-10, 09:16
And how exactly am I to get this for my NewMoon community Mac build?
What does macintosh have to do with anything?

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 09:24

I looked in the Palemoon extension store, and it's not there.

User avatar
Admin
Site Admin
Site Admin
Posts: 405
Joined: 2012-05-17, 19:06

Re: 12 Feb: Camellia Appreciation Day!

Unread post by Admin » 2020-02-10, 09:36

All versions of Pale Moon (and other UXP applications) have Camellia in their available ciphers by default. No need to do anything.
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"
Image

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 09:39

Admin wrote:
2020-02-10, 09:36
All versions of Pale Moon (and other UXP applications) have Camellia in their available ciphers by default. No need to do anything.
You're saying it is turned on RIGHT NOW? Or do I have to do some manual enabling?

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35481
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: 12 Feb: Camellia Appreciation Day!

Unread post by Moonchild » 2020-02-10, 09:58

Comprehensive reading isn't one of your strong suits, is it? ;)

Yes to the first, no to the second.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 10:03

Moonchild wrote:
2020-02-10, 09:58
Comprehensive reading isn't one of your strong suits, is it? ;)

Yes to the first, no to the second.
Thank you for being straight to the point, as usual :|

The thing is, if it is turned on, how does one turn it off then? (let's say one has a stupid reason such as curiosity)

New Tobin Paradigm

Re: 12 Feb: Camellia Appreciation Day!

Unread post by New Tobin Paradigm » 2020-02-10, 10:12

KlarkKentThe3rd wrote:
2020-02-10, 10:03
The thing is, if it is turned on, how does one turn it off then?
Why do you want to turn it off. Almost no one supports it despite it being one of the most secure ciphers we have and in its full implementation form it has no weaknesses unlike AES. That is the whole POINT of us doing an appreciation day. To raise some awareness and.. appreciate it. Turning it off, assuming you can and assuming anyone tells you how, doesn't SOUND very appreciative. Does it?

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 10:20

I never made a browser, so I wanted to know if such things are user controlled. As I hinted, reason is curiosity.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35481
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: 12 Feb: Camellia Appreciation Day!

Unread post by Moonchild » 2020-02-10, 10:22

Any supported suite is under the user's control. It's why we have the security.ssl3.* preferences in about:config.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 4942
Joined: 2015-12-09, 15:45
Contact:

Re: 12 Feb: Camellia Appreciation Day!

Unread post by moonbat » 2020-02-10, 10:32

KlarkKentThe3rd wrote:
2020-02-10, 10:20
I never made a browser, so I wanted to know if such things are user controlled. As I hinted, reason is curiosity.
If you want an easier way to look at the extra preferences without digging in about:config, install Pale Moon Commander, it will add an additional Advanced Preferences dialog invoked from the Tools menu. Don't change these settings unless you know what they're for (though there is a helpful option to reset them to default).

After you install it, go to Tools -> Advanced Preferences -> Security -> Ciphers 1 to see the available ciphers and their enabled/disabled state, Camellia is listed here. Again, don't mess with these settings or you'll end up breaking some sites.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

KlarkKentThe3rd
Astronaut
Astronaut
Posts: 556
Joined: 2018-04-20, 20:31

Re: 12 Feb: Camellia Appreciation Day!

Unread post by KlarkKentThe3rd » 2020-02-10, 10:33

Moonchild wrote:
2020-02-10, 10:22
Any supported suite is under the user's control. It's why we have the security.ssl3.* preferences in about:config.
Thank you. Will never mess with that, just wanted to know how to control it.

User avatar
basicuser
Fanatic
Fanatic
Posts: 108
Joined: 2018-09-01, 23:05

Re: 12 Feb: Camellia Appreciation Day!

Unread post by basicuser » 2020-02-10, 16:50

“That day we will only allow browsers on this forum that support the strong and mature Camellia cipher for encryption.”

So what will a browser that does not support Camellia cipher see? The back-chat should be interesting.
Stay away from crowds.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35481
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: 12 Feb: Camellia Appreciation Day!

Unread post by Moonchild » 2020-02-10, 17:01

basicuser wrote:
2020-02-10, 16:50
So what will a browser that does not support Camellia cipher see? The back-chat should be interesting.
They will see a connection error.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
basicuser
Fanatic
Fanatic
Posts: 108
Joined: 2018-09-01, 23:05

Re: 12 Feb: Camellia Appreciation Day!

Unread post by basicuser » 2020-02-10, 17:15

They will see a connection error.
Thank you. Supporting Camellia and your overall approach is what makes Pale Moon an oasis of sanity in a sea of stupid.
Stay away from crowds.

roytam1

Re: 12 Feb: Camellia Appreciation Day!

Unread post by roytam1 » 2020-02-11, 23:18

and it looks fun in SSLlabs report now!

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35481
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: 12 Feb: Camellia Appreciation Day!

Unread post by Moonchild » 2020-02-11, 23:19

roytam1 wrote:
2020-02-11, 23:18
and it looks fun in SSLlabs report now!
And your point being?
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Locked