---
title: "Site Update 007"
date: 2021-01-09T00:00:00
draft: false
makerefs: false
---
# What's New
I provisioned a new TLS certificate from ZeroSSL[1]. That's why there was some downtime yesterday on 0gitnick.xyz. By default Caddy[2] provisions TLS certs from Let's Encrypt[3] with a P-256 public key. I don't trust NIST curves[4] so 0gitnick.xyz uses a 4096 bit RSA key now. As of the time of this post all other clearnet site mirrors[5] use 2048 bit RSA which is also secure.


Link(s):
[1: https://zerossl.com](https://zerossl.com)
[2: https://caddyserver.com](https://caddyserver.com)
[3: https://letsencrypt.org](https://letsencrypt.org)
[4: https://safecurves.cr.yp.to/rigid.html](https://safecurves.cr.yp.to/rigid.html)
[5: /about](/about/)