Comments (3)
Well.
I found this article:
https://blog.cloudflare.com/experiment-with-pq/
Cloudflare has a Go fork that supports Kyber.
Relevant code in crypto/tls/cfkem.go:
var (
X25519Kyber512Draft00 = CurveID(0xfe30)
X25519Kyber768Draft00 = CurveID(0x6399)
)
I compiled it on my machine to use it to build Traefik.
In the Traefik project there is a certificate.go file in the tls module.
I added the curve IDs:
CurveIDs = map[string]tls.CurveID{
`secp256r1`: tls.CurveP256,
`CurveP256`: tls.CurveP256,
`secp384r1`: tls.CurveP384,
`CurveP384`: tls.CurveP384,
`secp521r1`: tls.CurveP521,
`CurveP521`: tls.CurveP521,
`x25519`: tls.X25519,
`X25519`: tls.X25519,
`X25519Kyber512Draft00`: tls.X25519Kyber512Draft00, // <<-- added
`X25519Kyber768Draft00`: tls.X25519Kyber768Draft00, // <<-- added
}
Then I compiled Traefik with cfgo and created a new Docker image based on the alpine one.
It seems to work with Chrome browser.
Of course it is not production ready, but at least I can play with it.
from traefik.
Hello @fzoli and thanks for your interest in Traefik,
Sure this is something we will likely support as soon as the Go library supports it, see golang/go#64537
from traefik.
Nice work, im looking to test this aswell, now that i know it can be done ill look in to it. X25519 is already supported in 3.0.0 lets see if the Kyber part can be added tooo
from traefik.
Related Issues (20)
- Can't upload docker images larger than 2GB via traefik 3.0 proxy HOT 8
- The final response code of my api service when using traefik error middleware is of main service ? - error service ? HOT 1
- provider=swarm - Gateway time-out Error code 504 HOT 1
- Kubernetes Ingress With Wildcard Host Doesn't Cover Hosts With Undescores (_) HOT 1
- Traefik V3 break on TCP Routers filter HOT 1
- Limit connections by a single IP address. HOT 5
- Support loading certificates from Cert-Manager HOT 1
- To support HTTP Basic authentication for docker/swarm provider's endpoint HOT 1
- Environment Variables HOT 3
- Basic Auth Automatically encode Base64 - basicauth.users HOT 2
- Body truncation issue in traffic plugin under certain conditions HOT 1
- A Router rule that exactly match all same-name header values. HOT 3
- Extend `headerLabels` Support to All Prometheus Metrics HOT 1
- TCP weighted service not respecting weights HOT 1
- Sectigo Certresolver does not populate cert field in JSON file HOT 1
- Unable to obtain ACME certificate for domains HOT 1
- Order cannot contain more than 100 DNS names
- container image on ghcr HOT 1
- Traefik provides default TLS certificate instead of one from a secret HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik.