Rustls 0.15.0 was released earlier this week, adding PQC algorithms.
Lots of stuff happening lately in the PQC world, this week it's the rustls project releasing a new version with PQC capability.
"This could have been a Fediverse update"
Correct, it could!
If you
you end up with a webserver that does X25519/ML-KEM768 hybrid key exchange (Xwing / X25519MLKEM768). This is considered safe even when
Verifying
If you have an OpenSSL 3.5 installed, check like so
$ :|/usr/local/bin/openssl s_client -connect brnrd.eu:443
...
Negotiated TLS1.3 group: X25519MLKEM768
...
If you have a curl version that is linked to OpenSSL 3.5, use
$ curl https://brnrd.eu/ -v -o /dev/null
...
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519MLKEM768 / id-ecPublicKey
...