What’s New

I provisioned a new TLS certificate from ZeroSSL[1]. That’s why there was some downtime yesterday on 0gitnick.xyz. By default Caddy[2] provisions TLS certs from Let’s Encrypt[3] with a P-256 public key. I don’t trust NIST curves[4] so 0gitnick.xyz uses a 4096 bit RSA key now. As of the time of this post all other clearnet site mirrors[5] use 2048 bit RSA which is also secure.

1: https://zerossl.com
2: https://caddyserver.com
3: https://letsencrypt.org
4: https://safecurves.cr.yp.to/rigid.html
5: /about