🥳 Minor releases

• Auto Encrypt 5.1.0: Moves automatic IP address detection from top-level await to asynchronous createServer() method to enable servers that import to run offline when they’re running on localhost) and exports IPAddresses class so servers can carry out their own automatic IP address detection (IPv4 and IPv6) if they want full control over exactly which domains and IP addresses are included in provisioned TLS certificates.¹

• @small-tech/https: Re-exports IPAddresses class so servers (like Kitten²) can have full control over exactly which domains and IP addresses are included in provisioned TLS certificates.³

¹ https://codeberg.org/small-tech/auto-encrypt/src/branch/main/CHANGELOG.md#5-1-0-2026-01-21
² https://kitten.small-web.org
³ https://codeberg.org/small-tech/https/src/branch/main/CHANGELOG.md#6-1-0-2026-01-21

#SmallWeb #SmallTech #AutoEncrypt #https #releaseUpdates

🥳 Multiple major releases today

• @small-tech/auto-encrypt v5.0.0 (https://codeberg.org/small-tech/auto-encrypt#readme)
• @small-tech/auto-encrypt-localhost v10.0.0 (https://codeberg.org/small-tech/auto-encrypt-localhost/#readme)
• @small-tech/https v6.0.0 (https://codeberg.org/small-tech/https/#readme)

These releases bring short-lived certificates, IP Address (IPv4 and IPv6) support, and ACME Renewal Information (ARI) support to Auto Encrypt and @small-tech/https, implement a consistent asynchronous API across all three packages, and include loads of little fixes and code quality improvements.

This brings us very close to getting Web Numbers¹ support implemented natively in Kitten².

OCSP support is removed from Auto Encrypt and Windows support is dropped from all three packages as Microsoft is complicit in Israel’s genocide of the Palestinian people³ and Small Technology Foundation⁴ stands in solidarity with the Boycott, Divestment, and Sanctions (BDS) movement. Furthermore, Windows is an ad-infested and surveillance-ridden dumpster fire of an operating system and, alongside supporting genocide, you are putting both yourself and others at risk by using it.

Enjoy!

💕

🇵🇸 To support families facing genocide in Gaza, consider donating to them via Gaza Verified: https://gaza-verified.org/donate/

¹ https://ar.al/2025/06/25/web-numbers/
² https://kitten.small-web.org/
³ https://www.bdsmovement.net/microsoft
⁴ https://small-tech.org/

#SmallWeb #SmallTech #AutoEncrypt #AutoEncryptLocalhost #https #TLS #NodeJS #web #dev #ACME #LetsEncrypt #WebNumbers #Kitten #BDS #Palestine #Gaza #FreePalestine

💡Denk mee en reageer op de consultatie van het aangepaste “Besluit beveiligde verbinding met overheidswebsites en -webapplicaties”: https://www.internetconsultatie.nl/verzamelbesluitdigitaleoverheid

📜In het herziene besluit op basis van de Wet digitale overheid wordt verwezen naar nieuwe versies van de TLS- en Webapplicatie-richtlijnen van @ncsc_nl. Reageer voor 6 jan, 2026.

Meer info over het huidige besluit: https://www.digitaleoverheid.nl/overzicht-van-alle-onderwerpen/wetgeving/wet-digitale-overheid/veelgestelde-vragen-verplichting-https-en-hsts-voor-overheidswebsites/

#beveiliging #websites #openstandaarden #HTTPS #HSTS

@minbzk @nctvnl @DigitaleOverheid

💡Denk mee en reageer op de consultatie van het aangepaste “Besluit beveiligde verbinding met overheidswebsites en -webapplicaties”: https://www.internetconsultatie.nl/verzamelbesluitdigitaleoverheid

📜In het herziene besluit op basis van de Wet digitale overheid wordt verwezen naar nieuwe versies van de TLS- en Webapplicatie-richtlijnen van @ncsc_nl. Reageer voor 6 jan, 2026.

Meer info over het huidige besluit: https://www.digitaleoverheid.nl/overzicht-van-alle-onderwerpen/wetgeving/wet-digitale-overheid/veelgestelde-vragen-verplichting-https-en-hsts-voor-overheidswebsites/

#beveiliging #websites #openstandaarden #HTTPS #HSTS

@minbzk @nctvnl @DigitaleOverheid

Why write code if the LLM can just do the thing? (web app experiment)

https://github.com/samrolken/nokode

#HackerNews #Why #write #code #if #the #LLM #can #just #do #the #thing? #(web #app #experiment) #https://github.com/samrolken/nokode

codeautomation #AIexperiments #webdevelopment #LLMinnovation #no-code

A #linux application runs inside an LX-branded zone, where the #Illumos kernel (descended from #Solaris) natively implements the Linux kernel ABI. A #VPN connection, terminated in a separate Solaris-style zone, routes the application's traffic to a VPN endpoint on an #OpenBSD system running #Nginx, which serves #HTTPS content on a custom domain.
Life is great!

A #linux application runs inside an LX-branded zone, where the #Illumos kernel (descended from #Solaris) natively implements the Linux kernel ABI. A #VPN connection, terminated in a separate Solaris-style zone, routes the application's traffic to a VPN endpoint on an #OpenBSD system running #Nginx, which serves #HTTPS content on a custom domain.
Life is great!

LibreSSL 4.1.1 and 4.0.1 released https://www.undeadly.org/cgi?action=article;sid=20251002054519 #openbsd #libressl #tls #https #cryptography #security #newrelease #development #freesoftware #libresoftware

LibreSSL 4.1.1 and 4.0.1 released https://www.undeadly.org/cgi?action=article;sid=20251002054519 #openbsd #libressl #tls #https #cryptography #security #newrelease #development #freesoftware #libresoftware

Yesterday, 10 years ago, Let's Encrypt issued their first #TLS #certificate to the domain name helloworld.letsencrypt.org. Since then, they issued 7 billion certificates.

To quote Borat: "Great success!"

Congrats!

#letsencrypt #tls #ssl #https

Yesterday, 10 years ago, Let's Encrypt issued their first #TLS #certificate to the domain name helloworld.letsencrypt.org. Since then, they issued 7 billion certificates.

To quote Borat: "Great success!"

Congrats!

#letsencrypt #tls #ssl #https

CRLite: Fast, private, and comprehensive certificate revocation checking in Firefox, https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/.

That’s huge. Great article.

#tls #https #security #privacy #performance#firefox

Chinese web users couldn’t access websites outside the People’s Republic yesterday. The outage lasted an hour and a quarter—with no explanation. Nobody’s sure whether it was a mistake or an ominous test of new #censorship capabilities.

But some are linking it to a recent outage in #Pakistan. In #SBBlogwatch, we shave with Hanlon’s razor.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/08/great-firewall-china-web-74-minutes-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc#GreatFirewall #China

Chinese web users couldn’t access websites outside the People’s Republic yesterday. The outage lasted an hour and a quarter—with no explanation. Nobody’s sure whether it was a mistake or an ominous test of new #censorship capabilities.

But some are linking it to a recent outage in #Pakistan. In #SBBlogwatch, we shave with Hanlon’s razor.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/08/great-firewall-china-web-74-minutes-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc#GreatFirewall #China

CRLite: Fast, private, and comprehensive certificate revocation checking in Firefox, https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/.

That’s huge. Great article.

#tls #https #security #privacy #performance#firefox