Hi, someone reached out to us and asked whether we could support post-quantum safe TLS 1.3 options on our public resolvers.
Since most browsers have support for X25519MLKEM768 https://developers.cloudflare.com/ssl/post-quantum-cryptography/pqc-support/ and openssl 3.5 in debian stable supports it, I was wondering how to enable it in dnsdist but I didn't find any parameter in addDOHLocal() to configure ECDHE curves? https://www.dnsdist.org/reference/config.html#addDOHLocal Is this currently supported? example config from nginx: ssl_ecdh_curve X25519MLKEM768; best regards, Christoph _______________________________________________ dnsdist mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/dnsdist
