servercert
duckduckgo-locales
servercert | duckduckgo-locales | |
---|---|---|
10 | 2,168 | |
163 | 99 | |
1.8% | - | |
6.3 | 9.8 | |
16 days ago | 6 days ago | |
CSS | Perl | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
servercert
- SSL certificate lifetimes are going down. Dates proposed. 45 days by 2027
- CA/Browser Forum SC-081: Introduce Schedule of Reducing Validity Periods
- WebPKI – Introduce Schedule of Reducing Validity (Of TLS Server Certificates)
-
We Spent $20 to Achieve RCE and Accidentally Became the Admins of .MOBI
The current CAB Forum Baseline Requirements call for "Multi-Perspective Issuance Corroboration" [1] i.e. make sure the DNS or HTTP challenge looks the same from several different data centres in different countries.
[1] https://github.com/cabforum/servercert/blob/main/docs/BR.md#...
-
DigiCert Revocation Incident (Cname Domain Validation)
There's no prohibition against issuing certificates for names on the Public Suffix List.
BR 3.2.2.6 prohibits issuing a wildcard certificate for an entire public suffix unless the "Applicant proves its rightful control of the entire Domain Namespace" (without specifying how this should be done - arguably, publishing a DNS record would qualify) but also says that CAs should use the "ICANN DOMAINS" section of the PSL only, not the "PRIVATE DOMAINS" section, so domains for dynamic DNS providers and the like wouldn't be included in any case. [https://github.com/cabforum/servercert/blob/main/docs/BR.md#...]
-
All I Know About Certificates – Certificate Authority
That's because some people came along and produced a parallel standard [1] adding loads more rules, clarifications and constraints to convert X509 into something approximately fit for purpose.
[1] https://github.com/cabforum/servercert
-
Does my site need HTTPS?
This is permitted: https://github.com/cabforum/servercert/blob/main/docs/BR.md#...
But it hasn't really caught on; a lot of registrars don't seem to want the complexity of being (or integrating with) a CA, and vice versa.
-
Let's Encrypt: Issue with TLS-ALPN-01 Validation Method
It is unfortunate. It's required: https://github.com/cabforum/servercert/blob/main/docs/BR.md#...
-
MarkMonitor left 60k domains for the taking
No, they don't have to MitM the CA's domain validation request. While they have brief control over the website, they use domain validation method 3.2.2.4.18 (Agreed-Upon Change to Website v2)[1] or 3.2.2.4.19 (Agreed-Upon Change to Website - ACME)[2] to legitimately complete domain validation by making a change to the website.
[1] https://github.com/cabforum/servercert/blob/cda0f92ee70121fd...
- A safer default for navigation: HTTPS
duckduckgo-locales
-
Geometric line-art of Wacław Szpakowski
I enjoyed those, thanks! I like the circular grid eddy type ones the most. I wanted to highlight some favourites but they have a curious phenomenon where, after studying one for a while, looking at a new one is so refreshing that it always ranks higher so I just get stuck in a circle myself!
Reminds me of the graphic design at "May Contain Hackers 2022" that I really liked: https://mch2022.org/#/ which included a tool to generate similar designs https://mch2022.org/design/
Also reminds me of Bernard Cohen works that I loved in Tate Modern. For me, he achieves something next level which is to go beyond just pressing my "pleasing geometric pattern" buttons but also the type of order/disorder that feels like a human intelligence at work too.
I can't find a page including the ones I have in mind but:
https://www.flowersgallery.com/exhibitions/387-bernard-cohen...
https://www.artnet.com/artists/bernard-cohen/
Sod it, this is probably more comprehensive:
https://duckduckgo.com/?q=bernard+cohen+works&iax=images&ia=...
-
The capacitor that Apple soldered incorrectly at the factory
Recently read that if you are going to be using an LED bulb in an enclosed space, buy bulbs designed for the high temperature, otherwise you WILL get premature failures in bulbs that will last for years in ordinary lamps.
https://duckduckgo.com/?t=lm&q=led+bulbs+enclosed+fixture+ra...
- Cybertruck's Many Recalls Make It Worse Than 91 Percent of All 2024 Vehicles
-
Bottles of OOP now available in Python
That is easy to say in hindsight when given the example. It is not so easy to see in advance. After all, OOP’s proponents say that OOP makes everything better. You never hear them saying “don’t use OOP here”.
https://duckduckgo.com/?q=oop+inheritance+behavior
I doubt you would find a single result in the top 10 saying not to do this and many will seem to encourage it. One of the results says:
> Inheritance is frequently used to integrate your code with library code
A much younger version of myself said: Daemonizing should be a library function. Let’s use inheritance to do that.
Saying it is not really taught properly is avoiding the reality that you just can’t teach it properly. Knowing for certain when it will not cause problems requires knowing the future.
-
Is the 80 character line limit still relevant? (2008)
Someone else is going to be weird and want to look this up so I'll save you the trouble.
Yes, this commenter's claim about line lengths are supported by many, many different sources who recommend a 50 to 80 character line length.
https://duckduckgo.com/?q=reading+optimal+line+length
-
Rats Learned to Drive–and They Love It
Or dogs skateboarding, leaning into the curve of the roads.
https://duckduckgo.com/?t=ffab&q=dog+skating&iax=videos&ia=v...
-
Teen serial swatter-for-hire busted, pleads guilty, could face 20 years
> What percentage of current police departments were conversions from slave patrols? What is the source of this data?
https://duckduckgo.com/?hps=1&q=police+departments+were+conv...
-
Lindt not 'expertly crafted with the finest ingredients'. Lead in dark chocolate
Meanwhile in Germany the people are standing in rows on the streets since 2AM because of some influencer shit about superspecial 'Dubai Chocolate' in limited edition.
https://news.google.com/search?for=lindt+dubai+schokolade&hl...
https://duckduckgo.com/?t=ffab&q=Dubai+Chocolate&ia=web
- Elon Musk and Vivek Ramaswamy to Lead Department of Government Efficiency (DOGE)
- Don't search for "biglittle sucks" on DDG
What are some alternatives?
cert-gen - Generate CA and self-signed SSL certificates usable in your browser for local development.
Searx - Privacy-respecting metasearch engine
acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
torsocks - Library to torify application - NOTE: upstream has been moved to https://gitweb.torproject.org/torsocks.git
devcert-cli - A CLI wrapper for devcert, to manage development SSL/TLS certificates and domains
hn-search - Hacker News Search
devcert - Local HTTPS development made easy
SimpleLogin - The SimpleLogin back-end and web app
pykka - 🌀 Pykka makes it easier to build concurrent Python applications.
Tutanota makes encryption easy - Tuta is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.
x509-limbo - A suite of testvectors for X.509 certificate path validation and tools for building them
brave-browser - Brave browser for Android, iOS, Linux, macOS, Windows.