Comments (3)
Well.
I found this article:
https://blog.cloudflare.com/experiment-with-pq/
Cloudflare has a Go fork that supports Kyber.
Relevant code in crypto/tls/cfkem.go:
var (
X25519Kyber512Draft00 = CurveID(0xfe30)
X25519Kyber768Draft00 = CurveID(0x6399)
)
I compiled it on my machine to use it to build Traefik.
In the Traefik project there is a certificate.go file in the tls module.
I added the curve IDs:
CurveIDs = map[string]tls.CurveID{
`secp256r1`: tls.CurveP256,
`CurveP256`: tls.CurveP256,
`secp384r1`: tls.CurveP384,
`CurveP384`: tls.CurveP384,
`secp521r1`: tls.CurveP521,
`CurveP521`: tls.CurveP521,
`x25519`: tls.X25519,
`X25519`: tls.X25519,
`X25519Kyber512Draft00`: tls.X25519Kyber512Draft00, // <<-- added
`X25519Kyber768Draft00`: tls.X25519Kyber768Draft00, // <<-- added
}
Then I compiled Traefik with cfgo and created a new Docker image based on the alpine one.
It seems to work with Chrome browser.
Of course it is not production ready, but at least I can play with it.
from traefik.
Hello @fzoli and thanks for your interest in Traefik,
Sure this is something we will likely support as soon as the Go library supports it, see golang/go#64537
from traefik.
Nice work, im looking to test this aswell, now that i know it can be done ill look in to it. X25519 is already supported in 3.0.0 lets see if the Kyber part can be added tooo
from traefik.
Related Issues (20)
- Sectigo Certresolver does not populate cert field in JSON file HOT 1
- Unable to obtain ACME certificate for domains HOT 1
- Order cannot contain more than 100 DNS names HOT 4
- container image on ghcr HOT 1
- Traefik provides default TLS certificate instead of one from a secret HOT 8
- Add TCP Health Check using SYN, SYN-ACK, and RST packets HOT 2
- Traefik 3.x can not download customized plugin HOT 3
- Support for HTTP Calls in Existing WASM Plugins System
- Traefik Configuration Checks HOT 2
- Can't upload docker images larger than 400MB or 2GB via traefik 3.0 3.0.1 3.0.2 proxy HOT 5
- Traefik sends 400 Bad Request if any header has some special char and also request not even get logged in access log HOT 3
- DownstreamStatus is 0 in v3 when server-sent event response is aborted from client HOT 7
- Support BackendTLSPolicy from Gateway API
- Support AWS IRSA with EKS Fargate? HOT 1
- bug: `TLSStore` with Wildcard Certificate and `sniStrict: true` does not work HOT 11
- Traefik Routing: Protocol and Port Mismatch Not Captured HOT 4
- Errors Middleware + IngressRoute : Could not get Capture / value not found in context HOT 7
- Dashboard JS blocked because of a disallowed MIME type (“text/plain”) HOT 2
- Traefik HTTP Middlewares IPAllowList - IP Rejecting - Tailscale IP is MIA HOT 1
- StripPrefix not working in traefik3 but working in traefik2 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik.