GitLab

Part of #2

from the Mailbox channel:

certificates probably will be self-signed, possibly using the secret shared with the owner as the basis of the private key so the owner can calculate the same key pair (easier upgrade path when we add support for tls)

we'll need to look into which cipher suites to advertise and how to make the tls handshake resistant to identification/blocking by dpi boxes, so i think proper tls support is quite a big piece of work