Gregory's ServerCryptographic agility sucks. What to do instead: https://soatok.blog/2022/08/20/cryptographic-agility-and-superior-alternatives/
|
2 comments
 Don't use RSA in 2023. But if you must use RSA, please don't use RSA directly to encrypt messages: https://soatok.blog/2021/01/20/please-stop-encrypting-with-rsa-directly/ If you want to go above and beyond, here's some more things to think about: |
An updated comparison of elliptic curves for use in cryptography (since djb's SafeCurves is out of date): https://soatok.blog/2022/05/19/guidance-for-choosing-an-elliptic-curve-signature-algorithm-in-2022/