Title was editorialised - Cloudflare isn't switching, they are _adding_ Masque. There's even an "We’re not saying goodbye to Wireguard" heading in there.
@ signs don’t have any meta value at HN. If you want a response from the mods, you’ll need to email them using the footer contact link. Per the HN guidelines:
> Please don't post on HN to ask or tell us something. Send it to hn@ycombinator.com.
> Finally, neither the protocol nor the cryptography it uses are standards-based, making it difficult to keep up with the strongest known cryptography (post-quantum crypto, for example).
Isn't WireGuard post-quantum safe with pre-shared keys?
> ...connections are made through port 443, which for both TCP and UDP blends in well with general HTTP/3 traffic and is less susceptible than Wireguard to blocking.
HTTP3 over QUIC is blanket blocked in many countries (due to QUIC's built-in censorship resistance).
If you pre share symmetric keys, you are only dependent on symmetric keys. Symmetric key cryptography is mostly quantum safe already, although you may need to double your key size.
Probably not post-quantum safe. The first standards just came last year. And there are still arguments that these standards are not good enough. Some were compromised already.