Tootfinder

just released liboprf-0.9.3
liboprf is a library implementing the OPRF from https://www.rfc-editor.org/rfc/rfc9497.html and in addition it also provides a threshold variant (tOPRF) and a distributed key generation (DKG) protocol for the tOPRF shared secret, as well as a key update protocol fo…

has #HTMX been tried with a #CGI (https://doi.org/10.17487/RFC3875) backend? Preferably with

🥳 New Node Pebble release (version 5.3.0)
Thanks to the lovely folks at Let’s Encrypt tagging a new release of Pebble last night¹ (version 2.9.0), there’s now a new version of Node Pebble that uses it :)
https://codeberg.org/small-tech/node-pebble
Enjoy! 💕
¹

node-pebble
A Node.js wrapper for Let’s Encrypt’s Pebble (a small RFC 8555 ACME test server not suited for a production certificate authority)

HTTP has a new method: QUERY. Tl;dr: GET with a body.
https://www.ietf.org/archive/id/draft-ietf-httpbis-safe-method-w-body-14.html
(Doesn’t have an RFC number yet but has been approved, will get one in a few weeks.)

PSA: Use the "accounturi" feature of Let's Encrypt CAA!
If you're hosting a safety/security-critical service, there's a way too unknown feature called "accounturi", that allows you to restrict TLS certificate issuance to a single Let's Encrypt account (and account private key).
You simply create a CAA record on your domain and put your LE account ID into it.
This means that attackers cannot issue TLS certificates and pull man-in-the-middle…

Certificate Authority Authorization (CAA)
CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. It was first standardized in 2013, and the version we use today was standardized in 2019 by RFC 8659 and RFC 8657. By default, every public CA is allowed to issue certificates for any domain name in the public DNS, provided they validate control of that domain name. That means that if there’s a bug in any one of the many public CAs…

Just updated Node Pebble to support latest release version of Let’s Encrypt’s Pebble testing server.
#LetsEncrypt…

node-pebble
A Node.js wrapper for Let’s Encrypt’s Pebble (a small RFC 8555 ACME test server not suited for a production certificate authority)

TIL that % routing of email (ie: nelson%example.com@relayserver.com is basically dead and gone. It mostly hasn't worked for years because of spam issues but modern mail systems don't even recognize it. Source routes got deprecated in RFC 2821 (from 2001) and fully removed in RFC 5321 (2008).

It's this time of the year again, this weekend is #ZHF in Rapperswil.
After having participated in a few of those I was very happy when I discovered this RFC a few days ago.
https://gith…

RFC: what are the highlights of FreeBSD 15.0-RELEASE?
＂In the 15.0-RELEASE announcement email, I list a few highlights. Obviously pkgbase is going to be one of them, but I'm looking for a list of 5 or 6 items, and I don't know what you as users care about the most.
＂So… can you help out your release engineer and tell me what you personally thing is the most exciting change in 15.0?＂
― Colin Percival at <