I have a curiosity,have you enabled this feature in your browsers? More info: https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html It is possible to verify with a test: https://pq.cloudflareresearch.com/ In the 2 images below. Functionality not enabled: Functionality enabled:
Interesting, thanks. I see it is supported in Firefox Nightly, but not in Firefox release version, so I haven't yet enabled the feature.
I decided to enable 2 flags in my Edge and do some testing in the various web pages I usually open: TLS 1.3 hybridized Kyber support Enable Kyber768 + NIST-P384 TLS Kyber Confidentiality It is possible to check the various options with the test below: https://browserleaks.com/tls Default: Only first flag enabled: Both:
https://www.bleepingcomputer.com/ne...uantum-resistant-encryption-to-protect-email/ My wife uses Tuta Mail. My wife is German. I will probably also consider opening a Tuta Mail account. P.S. Android app not working well (lost connections) so attachments not uploaded and email message not shown in smartphones without Google Services.
I have noticed that almost all of the Web sites I open usually use TLS 1.3. But not unfortunately WSF: I decided to enable this flag in Edge: Code: TLS 1.3 Early Data - Enabled to improve browser performance. https://www.ssldragon.com/blog/tls-1-2-vs-1-3/
Thanks, Libraman. Interesting! https://pq.cloudflareresearch.com/ Software support Firefox 124+ if you turn on security.tls.enable_kyber in about:config. [new!] I notice that in the release notes for Firefox Nightly 126.0a1 the following is still mentioned: Web Platform Starting with Firefox 125, Nightly builds will attempt to establish TLS connections using a hybrid post-quantum key agreement mechanism (X25519+Kyber768). This may result in slow TLS handshakes or failed connections on networks with TLS intercepting middleboxes. The feature can be disabled by setting the security.tls.enable_kyber preference to false. Bug 1878725
I also noticed that many websites (but not WSF) use the QUIC protocol: https://www.teimouri.net/quic-speeding-web-revolution-networking/ (which I have long since enabled in my browser). It seems to me that with the recent flag enabled I get a much faster response from many websites. Example from another forum frequented by some WSF members:
at least its a cloudflare-only feature. if you do not use or see CF hosted/secured pages you probably never will notice it. if mozilla will recognise this as an urgent feature they will enable it by default, otherwise no one should care. http3/quic is available since 2020 and enabled by default since ... early 2021 in firefox.
I did now. Thank you. There is no way in hell I will ever enable less secure QUIC to gain a few measly milliseconds.
P.S. Consider that almost all websites that adopt the QUIC protocol use X25519Kyber768Draft00 Hybrid Post-Quantum Key with your browser. Websites using TLS 1.3 do not always use the Post Quantum key.
I recently noticed that,at least in Edge, using the QUIC flag at default does not guarantee that the browser will NOT use this protocol. So I would like to advise all forum members who do not like this active feature to check via the browser development tools. Or simply disable the QUIC flag.
You can also check via a firewall or a network watcher, UDP via port 443 is a dead giveaway. I use QUIC on Brave for Youtube/Google, since privacy or security does not matter there.
I use LibreWolf only for Facebook, but to be fair I did not know about it, I must have forgotten about it back then. I have blocked UDP in the firewall now and FB is still working. So thank you, again. I must buy you a beer sometime.
I insert a simple QUIC connection test for W. members who do not like to use indirect methods: https://quic.nginx.org/
