I figured it was about time for this Gentoo powered blog to enjoy the security and performance enhancements provided by TLSv1.3. However, that meant leaving “Gentoo stable” behind and travel on a journey of discovery into the land of the unmasked and dangerous.
Who would have thought, right? :-)
After installing my certificate from Let’s Encrypt last week I was immediately confronted with the fact that I had made the wrong choice in regard to key sizes. By using a 4096-bit private key I was relying too heavily on the RPi2’s CPU. This became abundantly clear as page load times were increased by 500 – 1000ms.