kravietz πŸ¦‡
Follow

Dear service owners: do *not* merely add an Yggdrasil IPv6 address to your existing https website. It will always fail due to certificate mismatch and you can't get DV cert on Yggdrasil address.

Do create a HTTP-only mirror on Yggdrasil IPv6 or dedicated hostname - Yggdrasil already provides transport encryption so TLS is to some extent redundant.

So:

webcookies.pub (IPv4+IPv6)

y.webcookies.pub (Yggdrasil)

Β· Β· 2 Β· 0 Β· 1
kravietz πŸ¦‡  

DV (domain-validated) TLS authenticates your hostname.

Yggdrasil address is your public key so this is somewhat comparable to DV.

If you use FQDN that maps to Yggdrasil IPv6 then it's not authenticated though, unless you use DNSSEC as well.

Show thread
0
Sign in to participate in the conversation
Mastodon πŸ” privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!

Resources

Developers

What is Mastodon?

social.privacytools.io

More…