comment - Dave's Blog

Search
My timeline on Mastodon

Let's Encrypt NearlyFreeSpeech.net Update

2016 Nov 5, 8:59

Since I had last posted about using Let's Encrypt with NearlyFreeSpeech, NFS has changed their process for setting TLS info. Instead of putting the various files in /home/protected/ssl and submitting an assistance request, now there is a command to submit the certificate info and a webpage for submitting the certificate info.

The webpage is https://members.nearlyfreespeech.net/{username}/sites/{sitename}/add_tls and has a textbox for you to paste in all the cert info in PEM form into the textbox. The domain key, the domain certificate, and the Let's Encrypt intermediate cert must be pasted into the textbox and submitted.

Alternatively, that same info may be provided as standard input to nfsn -i set-tls

To renew my certificate with the updated NFS process I followed the commands from Andrei Damian-Fekete's script which depends on acme_tiny.py:

python acme_tiny.py --account-key account.key --csr domain.csr --acme-dir /home/public/.well-known/acme-challenge/ > signed.crt
wget -O - https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > intermediate.pem
cat domain.key signed.crt intermediate.pem > chained.pem
nfsn -i set-tls < chained.pem
Because my certificate had already expired I needed to comment out the section in acme_tiny.py that validates the challenge file. The filenames in the above map to the following:
  • signed.crt is the Let's Encrypt provided certificate
  • account.key is the user private key registered with LE
  • domain.csr is the cert request
  • domain.key is the key for the domain cert
PermalinkCommentscertificate lets-encrypt nearlyfreespeech.net

Retweet of soaj1664ashar

2015 Dec 5, 12:52
[Blogged]: The Dark Side of Comments: https://respectxss.blogspot.de/2015/12/the-dark-side-of-comments.html … #XSS #comments
PermalinkComments

Eminem meets Beatles: http://8mileandabbey.com/

2015 Apr 14, 8:08


Eminem meets Beatles: http://8mileandabbey.com/

PermalinkComments

Eminem meets Beatles: http://8mileandabbey.com/

2015 Apr 14, 8:08


Eminem meets Beatles: http://8mileandabbey.com/

PermalinkComments

Retweet of 18F

2015 Mar 16, 9:48
Today the White House is proposing an HTTPS-only standard for the entire federal government: https://https.cio.gov  Public comment welcome!
PermalinkComments

exec($_GET

2014 Apr 29, 8:27

Does it betray my innocence that I’m shocked by the amount of exec($_GET you can easily find on github? Hilarious comment thread on hacker news: 

This is awful. Shell commands are not guaranteed to be idempotent, people! These should all be of the form exec($_POST, not exec($_GET.

ephemeralgomi

PermalinkCommentshumor security http php technical

(via Classic pro-science-careers music video PSA: Chemical...

2012 Jun 29, 10:03


(via Classic pro-science-careers music video PSA: Chemical Party)

Xeni says: “The EU wasn’t always so terrible at promoting science careers through funny internet music videos! (thanks, Guido)”

PermalinkCommentshumor chemistry video

IAmA NASA Astronaut who recently returned to Earth and I am new to reddit (reddit.com)

2012 Mar 23, 2:08

Astronaut endorses destroying the moon!

The best exchange on the IAmA:

Ghostshirts it’s been a dream for a long time now, do you think that we’ll actually be able to blow up the moon in our lifetime?

RonGaran I truly believe that we can accomplish anything we set our minds on. We only need the will to do it

PermalinkCommentshumor nasa astronaut moon

Super Mario Bloco em Santa! (by only4crap) Also, great...

2012 Feb 28, 7:20


Super Mario Bloco em Santa! (by only4crap)

Also, great BoingBoing comment:

beemohCollapse

The slow pace of the initial march and the placards makes it look more like an Occupy World 1-1 protest march.

PermalinkCommentshumor video-game mario music video

URI Percent-Encoding Ignorance Level 1 - Purpose

2012 Feb 15, 4:00

As a professional URI aficionado I deal with various levels of ignorance on URI percent-encoding (aka URI encoding, or URL escaping).

Worse than the lame blog comments hating on percent-encoding is the shipping code which can do actual damage. In one very large project I won't name, I've fixed code that decodes all percent-encoded octets in a URI in order to get rid of pesky percents before calling ShellExecute. An unnamed developer with similar intent but clearly much craftier did the same thing in a loop until the string's length stopped changing. As it turns out percent-encoding serves a purpose and can't just be removed arbitrarily.

Percent-encoding exists so that one can represent data in a URI that would otherwise not be allowed or would be interpretted as a delimiter instead of data. For example, the space character (U+0020) is not allowed in a URI and so must be percent-encoded in order to appear in a URI:

  1. http://example.com/the%20path/
  2. http://example.com/the path/
In the above the first is a valid URI while the second is not valid since a space appears directly in the URI. Depending on the context and the code through which the wannabe URI is run one may get unexpected failure.

For an additional example, the question mark delimits the path from the query. If one wanted the question mark to appear as part of the path rather than delimit the path from the query, it must be percent-encoded:

  1. http://example.com/foo%3Fbar
  2. http://example.com/foo?bar
In the second, the question mark appears plainly and so delimits the path "/foo" from the query "bar". And in the first, the querstion mark is percent-encoded and so the path is "/foo%3Fbar".
PermalinkCommentsencoding uri technical ietf percent-encoding

I made this Classic NES Valentine’s Card (free download in...

2012 Feb 7, 12:17


I made this Classic NES Valentine’s Card (free download in comments). - Imgur

PermalinkCommentshumor megaman metroid valentines video-game

This game was made entirely in css (no javascript) (jsrun.it)

2012 Jan 24, 1:47

Very impressive HTML, CSS, and no javascript game.  See the HN comments for how it is done.

PermalinkCommentstechnical css html game css3 js javascript

(via please reblog and remove all attribution (3 Comments))

2011 Nov 17, 2:22


(via please reblog and remove all attribution (3 Comments))

PermalinkComments

Elements of Modern C++ Style (herbsutter.com)

2011 Nov 15, 11:59

Summary of some of the new C++ features with comments and suggested usage.  Not sure I agree with the take on auto.

‘“C++11 feels like a new language.” – Bjarne Stroustrup’

PermalinkCommentstechnical c++ programming

My favourite comment ever posted on Reddit

2011 Oct 26, 8:04
"Knowledge is Power; France is bacon"
PermalinkCommentstechnical

Powershell to test your XPath

2011 Apr 14, 5:11This page and esp. the final comment on the page were very helpful with describing how to parse XML in PowerShell.PermalinkCommentspowershell xml xpath technical programming

Ratatat Rocks

2010 Dec 28, 10:42
I just found out that I like the group Ratatat. I'd first heard them way back when the Zune was first released as the backing for Los Corazones on the zune-arts.net website.




But I didn't know who they were until today when I watched this Filmography 2010 video (via Kottke)



Until about 1:16 in, the music is Ratatat's Nostrand. On the first viewing it drove me crazy because I could only vaguely recall hearing something like that music before. I tracked it down via the zune-arts thing above and eventually found my way to the Nostrand video. Funny, all the recent comments on that one are from people who also just watched the Filmography video.
PermalinkComments

Salmon Protocol: Protocol Summary

2010 Jun 20, 2:05A more friendly summary of the Salmon Protocol -- the distributed commenting procotol. After telling Sarah I was reading about salmon, we watched the Salmon Dance video again.PermalinkCommentstechnical salmon protocol comment atom rss social reference

Draft: The Salmon Protocol

2010 Jun 20, 1:18Protocol for doing distributed commenting and implemented by Google Buzz! "This document defines a lightweight, robust, and secure protocol for sending unsolicited notifications — especially comments and responses on syndicated feed content — to specified endpoints; along with rules to enable resulting content to itself be syndicated robustly and securely."PermalinkCommentscomment blog atom rss google buzz salmon reference specification protocol syndication technical

'Firefly' Fan Webcomic Takes 'Serenity' Carnage to New Levels [Exclusive] - ComicsAlliance | Comics culture, news, humor, commentary, and reviews

2010 Apr 20, 5:04
PermalinkCommentshumor firefly serenity comic
Older Entries Creative Commons License Some rights reserved.