Running e-mail servers is always fun: as the time came to renew TLS certificate on one machine doing e-mail transmission (SMTP), came to know TLSA records are now supposed to be 3 1 1 (no more 3 0 1) :blobcateyes:

There is an added benefit of 3 (DANE-EE) 1 (subject public key) 1 (SHA2-256 hash digest) - if you do not rotate your private key to issue TLS certificate, you don't need to update the TLSA record - signature can be squeezed from key and certificate is not necessary at that point. If you do rotate private keys, this enables you to pre-create DNS records even before certificate is issued (given that you already generated keys) - that is really nice :blobcatthumbsup:

#serveradmin #email #dane #dns #tls #certificate #sha256

Flight: #BEL76T
ICAO code: #44CE79
Callsign: #BEELINE
Operator: Brussels Airlines
Country: 🇧🇪
From: #TLS to #BRU
Speed: 545 kmh
Altitude: 1814 m
Distance: 0.6 km
Angle ∆: 70.5°
Direction ->: ENE
Track:
https://tinyurl.com/26xvmvd8
History:
https://www.radarbox.com/data/mode-s/44CE79
Seen: 365x
#Landing #BrusselsAirport

https://blog.gslin.org/archives/2025/06/18/12467/aws-%e4%b9%9f%e9%96%8b%e5%a7%8b%e8%b3%a3-certificate-%e4%ba%86/

AWS 也開始賣 Certificate 了

#acm #amazon #aws #ca #certificate #cloud #export #manager #security #service #ssl #tls

Flight: #BCS5AY
Registration: OE-LNB
ICAO code: #440BBF
Callsign: #EUROTRANS
Operator: European Air Transport Leipzig
Type: BOEING 757-236
Country: 🇩🇪
From: #TLS to #LEJ
Speed: 469 kmh
Altitude: 1273 m
Distance: 1.3 km
Angle ∆: 44.7°
Direction ->: E
Track:
https://tinyurl.com/2dzb8n42
History:
https://www.radarbox.com/data/mode-s/440BBF
https://www.flightradar24.com/data/aircraft/OE-LNB
Photos:
https://jetphotos.com/photo/keyword/OE-LNB
Seen: 13x

What if #TLS used #PGP instead of #x509?

Flight: #TOM9XA
ICAO code: #40665F
Registration: G-TAWB
Type: BOEING 737-800
Operator: Tui Airways Limited
Direction: 320° (Northwest)
Speed: 419.6 kmh
Altitude: 36625 ft
Category: Large

Route:
🛫: Toulouse - #TLS
🛬: Birmingham - #BHX

Previously seen: 92 times

Track:
https://globe.adsb.fi/?icao=40665f

#adsb #B738

Photo by: Milan Witham
Link: https://hooks.geekyco.de/ps/40665f

Hello, I’m hosting a #Vaultwarden server behind #Caddy 2.10 and made the following test:

Tuning Caddy to allow only #PQC curves:

	tls {
		curves x25519mlkem768
	}

Trying to connect with #Firefox Mac -> OK
Trying to connect with #Bitwarden #android client -> Fail

Without the #TLS tuning, the Bitwarden Android client will happily connect to the server.

Is it a problem with the Bitwarden Android client or with Android, or both?

ICAO: 48C2B9
Flt: RYR2LB #RYANAIR #TNG - #TLS
First seen: 2025-06-17 19:03:39 CEST
Min Alt: 11264 m AGL
Min Dist: 1.92 km

https://globe.adsbexchange.com/?icao=48c2b9&lat=53.195663&lon=5.571638&zoom=12&showTrace=2025-06-17
#adsb #aboveFRL #EHLW

Flight: #BEL4UG
Registration: OO-SNO
ICAO code: #44CDCF
Callsign: #BEELINE
Operator: Brussels Airlines
Type: AIRBUS A320-216
Country: 🇧🇪
From: #TLS to #BRU
Speed: 538 kmh
Altitude: 2225 m
Distance: 1.1 km
Angle ∆: 63.1°
Direction ->: ENE
Track:
https://tinyurl.com/23kv6khe
History:
https://www.radarbox.com/data/mode-s/44CDCF
https://www.flightradar24.com/data/aircraft/OO-SNO
Photos:
https://jetphotos.com/photo/keyword/OO-SNO
Seen: 514x
#Landing #BrusselsAirport

ICAO: 39856C
Flt: AFR69AR #AIRFRANCE #TLS - #ORY
First seen: 2025-06-17 12:29:33 CEST
Min Alt: 10960 m AGL
Min Dist: 20.19 km

https://globe.adsbexchange.com/?icao=39856c&lat=53.176342&lon=6.270204&zoom=12&showTrace=2025-06-17
#adsb #aboveFRL #EHLW

Flight: #BEL76T
Registration: OO-SSB
ICAO code: #44CE62
Callsign: #BEELINE
Operator: Brussels Airlines
Type: AIRBUS A319-111
Country: 🇧🇪
From: #TLS to #BRU
Speed: 533 kmh
Altitude: 2286 m
Distance: 1.1 km
Angle ∆: 63.8°
Direction ->: ENE
Track:
https://tinyurl.com/2yuj5bgt
History:
https://www.radarbox.com/data/mode-s/44CE62
https://www.flightradar24.com/data/aircraft/OO-SSB
Photos:
https://jetphotos.com/photo/keyword/OO-SSB
Seen: 414x
#Landing #BrusselsAirport

Flight: #BCS5AY
Registration: D-ALET
ICAO code: #3C70B4
Callsign: #EUROTRANS
Operator: European Air Transport Leipzig
Type: BOEING 757-28A
Country: 🇩🇪
From: #TLS to #LEJ
Speed: 491 kmh
Altitude: 1676 m
Distance: 0.8 km
Angle ∆: 64.4°
Direction ->: ENE
Track:
https://tinyurl.com/23vryrbb
History:
https://www.radarbox.com/data/mode-s/3C70B4
https://www.flightradar24.com/data/aircraft/D-ALET
Photos:
https://jetphotos.com/photo/keyword/D-ALET
Seen: 89x

Next #swad release will still be a while. 😞

I *thought* I had the version with multiple #reactor #eventloop threads and quite some #lockfree stuff using #atomics finally crash free. I found that, while #valgrind doesn't help much, #clang's #thread #sanitizer is a very helpful debugging tool.

But I tested without #TLS (to be able to handle "massive load" which seemed necessary to trigger some of the more obscure data races). Also without the credential checkers that use child processes. Now I deployed the current state to my prod environment ... and saw a crash there (only after running a load test).

So, back to debugging. I hope the difference is not #TLS. This just doesn't work (for whatever reason) when enabling the address sanitizer, but I didn't check the thread sanitizer yet...

Flight: #BEL4UG
Registration: OO-SNK
ICAO code: #44CDCB
Callsign: #BEELINE
Operator: Brussels Airlines
Type: AIRBUS A320-214
Country: 🇧🇪
From: #TLS to #BRU
Speed: 501 kmh
Altitude: 1570 m
Distance: 0.3 km
Angle ∆: 78.4°
Direction ->: ENE
Track:
https://tinyurl.com/2apdhjut
History:
https://www.radarbox.com/data/mode-s/44CDCB
https://www.flightradar24.com/data/aircraft/OO-SNK
Photos:
https://jetphotos.com/photo/keyword/OO-SNK
Seen: 568x
#Landing #BrusselsAirport

ICAO: 398579
Flt: AFR69AR #AIRFRANCE #TLS - #ORY
First seen: 2025-06-16 12:29:36 CEST
Min Alt: 10960 m AGL
Min Dist: 8.2 km

https://globe.adsbexchange.com/?icao=398579&lat=53.325868&lon=6.254856&zoom=12&showTrace=2025-06-16
#adsb #aboveFRL #EHLW

Flight: #BEL76T
ICAO code: #44CC44
Callsign: #BEELINE
Operator: Brussels Airlines
Country: 🇧🇪
From: #TLS to #BRU
Speed: 519 kmh
Altitude: 1814 m
Distance: 1.6 km
Angle ∆: 48.4°
Direction ->: NE
Track:
https://tinyurl.com/27v6v5yu
History:
https://www.radarbox.com/data/mode-s/44CC44
Seen: 363x
#Landing #BrusselsAirport

ICAO: 4CA225
Flt: RYR2LB #RYANAIR #TNG - #TLS
First seen: 2025-06-16 07:42:49 CEST
Min Alt: 11264 m AGL
Min Dist: 17.57 km

https://globe.adsbexchange.com/?icao=4ca225&lat=53.015318&lon=5.675066&zoom=12&showTrace=2025-06-16
#adsb #aboveFRL #EHLW

I still call it “SSL”, even though I know TLS is what’s used these days 🤷🏽‍♂️:

“Security Standards And Name Changes In The Browser Wars” [2024], Tim Dierks (https://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html).

Via HN: https://news.ycombinator.com/item?id=44282378

On Lobsters: https://lobste.rs/s/dygkfr/why_ssl_was_renamed_tls_late_90s_2014

#SSL #TLS #Security

In a thrilling tale of corporate warfare and digital acronyms, we learn that SSL's transformation to #TLS was less about security and more about scoring points in the browser slap-fight of the 90s. 🤺🔒 #Netscape and #Microsoft were so busy duking it out that they managed to rename a protocol instead of actually fixing it. 🙄✨
https://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html #corporatewarfare #digitalacronyms #SSL #browserwars #HackerNews #ngated

Why SSL was renamed to TLS in late 90s (2014)

https://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html

#HackerNews #SSL #TLS #security #history #cybersecurity #standards