Disables post-quantum

[bwesterb]

None of the configurations enable post-quantum key agreement. Worse, many disable post-quantum key agreement, which is enabled by default with OpenSSL 3.5.0+ and BoringSSL when no curves are configured.

The solution is not that simple. Adding X25519MLKEM768 as curve will break software that hasn't been upgraded to support it yet. Might be best not to set any curves at all and lean on the default of recent TLS libraries.

[tomato42]

the generator already requests the versions of the libraries used, so it should generate the hybrids as the enabled groups

But, there's a new format for the groups configuration, which also specifies behaviour in case of group being advertised in supported_groups but not in key_shares: X25519MLKEM768:P-256 with a client that sends a P-256 key share but no hybrid key share will select P-256 group, but X25519MLKEM768/P-256 will select X25519MLKEM768 even a key share for it was not sent, but it was advertised as supported by the client (the server will force HRR in such case).
I think that this new syntax should also be used in the generated config files

[Warfields]

Howdy, I'm also here for getting PQC included with configs. I'm up for doing the work to get that done, just point me in the right direction.

[Warfields]

I'm interested in doing this after reading a Cloudflare blog post on this and then going on a tear through all of my own hosted services, checking which ones supported PQC, and wanted to start fixing some default configurations for the software I use.

The blog post also reminded me of some old work that I did around 2023ish when Cloudflare made a push to make everything support PQC. I wanted to enable PQC by default way back when in the CapnProto KJ stdlib but that got shot down (for good reasons at the time since not everything was standardized yet) and continues to have the stance that they will mirror the intermediate configuration. I'd like to finally close that and have PQC enabled by default.