I provisioned a new TLS certificate from ZeroSSL. That’s why there was some downtime yesterday on 0gitnick.xyz. By default Caddy provisions TLS certs from Let’s Encrypt with a P-256 public key. I don’t trust NIST curves so 0gitnick.xyz uses a 4096 bit RSA key now. As of the time of this post all other clearnet site mirrors use 2048 bit RSA which is also secure.