DNS TLS networking privacy

Privacy for subdomains: the solution

Last week, I described a gloomy situation: all public TLS certificate providers log your requests. By browsing through the subdomains, one can get their respective IP addresses. If one of them points to your home router, they know your general location. I analyzed several solutions and decided to use wildcard certificates, which don’t leak subdomain information, while continuing to use Let’s Encrypt. My solution caters to my Synology NAS, as it’s the one I’m using. Gett

DNS TLS networking privacy Let's Encrypt Synology

Privacy for subdomains

I recently learned about a new way to leak your privacy, and it’s a scary one. Before going further, know that I’m not a network engineer: perhaps if you work in the field, you’ve known it for your whole career, but it’s quite new to me. Let me share my findings and you can judge. Because the original post was quite lengthy, I broke it down into two instalments, the problem and the solution. The problem / The solution

DNS TLS networking privacy

Privacy for subdomains: the problem

I recently learned about a new way to leak your privacy, and it’s a scary one. Before going further, know that I’m not a network engineer: perhaps if you work in this field, you’ve known it for your whole career, but it’s quite new to me. Let me share my findings, and you can judge for yourself. Since the original post was quite lengthy, I have broken it down into two installments: the problem and the solution. The situation I own my own domain. I’ve created mu

security TLS

mTLS everywhere!

Security in one’s information system has always been among the most critical Non-Functional Requirements. Transport Layer Security, aka TLS, formerly SSL, is among its many pillars. In this post, I’ll show how to configure TLS for the Apache APISIX API Gateway. TLS in a few words: TLS offers several capabilities: Server authentication: the client is confident that the server it exchanges data with is the right one. It avoids sending data, which might be confidential, to the wrong ac