Impression of a newcomer to Caddy

beatquantum · January 6, 2021, 8:48am

I am 3 days young newcomer to Caddy. So pardon me if I get things wrong. Over the last three days I have set up an experimental website at https://caddy.beatquantum.com - guess what, my website already scores equal or better on every publicly available score against guess who - caddyserver.com. Go and check on https://internet.nl for your own websites.
(I am not bragging, but just demonstrating that we as a community can help Caddy reach its full potential.)
In the attached picture is my first comparison of Caddy 2.3 with the latest versions of Nginx and Apache. I am happy for you to agree or disagree; but in the latter case show me efficient solutions. I will not be writing modules and plugins; but happy to test everything you suggest.
I hope to have a constructive exchange here.

francislavoie · January 6, 2021, 9:28am

I find that table confusing. The rows aren’t aligned and are lacking dividers, so it’s very hard to follow.

What do you mean by “Caddy is inflexible on TLS1.3”?

beatquantum · January 6, 2021, 9:34am

Thanks for the feedback on table formatting. I replaced the table in the topic.

Caddy does not allow you to choose which of the TLS1.3 ciphers are allowed or not. Apache does. Nginx does not - but there is a workaround involving the editing of the openssl.cnf file in /etc/ssl

francislavoie · January 6, 2021, 9:43am

Allowing cipher customization for TLS1.3 is actually a huge downside of nginx and apache. Security comes from have strong, known-good defaults. If users can customize it, then it open room for shooting themselves in the foot. So I strongly disagree with that criticism.

beatquantum · January 6, 2021, 9:52am

Some of us would prefer to use a sub-set of the list of ciphers allowed under TLS1.3 specifications (RFC8446 para 9.1 RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3) and by making that choice it is unlikely that they will compromise security. (But I respect that we have a difference in opinions. Thanks for sharing yours.)

francislavoie · January 6, 2021, 10:03am

FYI, even if the Caddy project would want to allow cipher customization, it wouldn’t be possible because the underlying Go implementation prevents it:

More context (see comments from Filippo Valsorda):

github.com/golang/go

crypto/tls: TLS 1.3 ciphers are not configurable

opened 04:09AM - 20 Dec 18 UTC

closed 10:57PM - 18 Jan 19 UTC

crvv

NeedsFix FrozenDueToAge

### What version of Go are you using (`go version`)? <pre> go version devel …+e3b4b7baad Tue Dec 18 23:01:06 2018 +0000 darwin/amd64 </pre> ### Does this issue reproduce with the latest release? Yes if 1.12beta1 is the latest release. ### What operating system and processor architecture are you using (`go env`)? <details><summary><code>go env</code> Output</summary><br><pre> GOARCH="amd64" GOBIN="" GOCACHE="/Users/crvv/Library/Caches/go-build" GOEXE="" GOFLAGS="" GOHOSTARCH="amd64" GOHOSTOS="darwin" GOOS="darwin" GOPATH="/Users/crvv/Develop/go" GOPROXY="" GORACE="" GOROOT="/Users/crvv/Develop/goroot" GOTMPDIR="" GOTOOLDIR="/Users/crvv/Develop/goroot/pkg/tool/darwin_amd64" GCCGO="gccgo" CC="clang" CXX="clang++" CGO_ENABLED="1" GOMOD="" CGO_CFLAGS="-g -O2" CGO_CPPFLAGS="" CGO_CXXFLAGS="-g -O2" CGO_FFLAGS="-g -O2" CGO_LDFLAGS="-g -O2" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/x1/1pp78x6d3n99gpx9f7rz2_rh0000gn/T/go-build965128833=/tmp/go-build -gno-record-gcc-switches -fno-common" </pre></details> ### What did you do? Run the following code with `GODEBUG=http2server=0 go run main.go` ``` Go package main import ( "crypto/tls" "log" "net/http" ) func main() { server := http.Server{ Addr: "localhost:2443", TLSConfig: &tls.Config{ CipherSuites: []uint16{tls.TLS_CHACHA20_POLY1305_SHA256}, MinVersion: tls.VersionTLS13, }, } log.Fatal(server.ListenAndServeTLS("localhost.pem", "localhost-key.pem")) } ``` and `openssl s_client -connect localhost:2443` ### What did you expect to see? A TLS 1.3 connection with TLS_CHACHA20_POLY1305_SHA256 cipher. ### What did you see instead? ``` SSL handshake has read 1603 bytes and written 391 bytes Verification error: unable to verify the first certificate --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 ``` It looks like `Config.CipherSuites` isn't used in TLS 1.3. If this is the desired behavior, I think it should be documented in https://tip.golang.org/pkg/crypto/tls/

beatquantum · January 6, 2021, 10:30am

Thanks for sharing, Francis. That is an interesting discussion thread. I will need to learn how to fork Go and drop the algorithm (0x1301). That would be a project for this summer.

system · January 20, 2021, 8:48am

This topic was automatically closed after 14 days. New replies are no longer allowed.