Https

Some time ago I documented how I configured WireGuard on my OpenWrt router at home, to connect securely to my home network (and the Internet, really) from wherever I am. I feel safer connecting to public Wi-Fi this way, also abroad when it allows me to save extra roaming costs. However, during my travels I sometimes come across networks which seem to block VPN connections, sometimes including my own personal WireGuard tunnel. For such cases I managed to tunnel my WireGuard connection over HTTPS, which is typically (far) less often blocked. ...

My previous post discussed the introduction of a Module-Lattice Key Encapsulation Mechanism (ML-KEM) post-quantum key exchange algorithm implementation in OpenSSH, and how to specify it in your SSH configurations. ML-KEM is the new FIPS 203 standard, previously known as Kyber, which was standardized by NIST on 2024-08-13. OpenSSH’s implementation of ML-KEM is a PQ/T hybrid approach that combines the post-quantum ML-KEM with the traditional X25519 key exchange algorithm. This post will cover the ML-KEM implementation in Caddy, the popular web server and reverse proxy. ...