servercert
web.dev
servercert | web.dev | |
---|---|---|
4 | 148 | |
124 | 3,547 | |
4.8% | - | |
4.7 | 9.0 | |
2 days ago | 2 months ago | |
CSS | Nunjucks | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
servercert
-
Does my site need HTTPS?
This is permitted: https://github.com/cabforum/servercert/blob/main/docs/BR.md#...
But it hasn't really caught on; a lot of registrars don't seem to want the complexity of being (or integrating with) a CA, and vice versa.
-
Let's Encrypt: Issue with TLS-ALPN-01 Validation Method
It is unfortunate. It's required: https://github.com/cabforum/servercert/blob/main/docs/BR.md#...
-
MarkMonitor left 60k domains for the taking
No, they don't have to MitM the CA's domain validation request. While they have brief control over the website, they use domain validation method 3.2.2.4.18 (Agreed-Upon Change to Website v2)[1] or 3.2.2.4.19 (Agreed-Upon Change to Website - ACME)[2] to legitimately complete domain validation by making a change to the website.
[1] https://github.com/cabforum/servercert/blob/cda0f92ee70121fd...
-
A safer default for navigation: HTTPS
The article you linked to is kind of confused and I'm not sure I blame them. This stuff is really complex!
According to the proposal[0], leaf certificates are prohibited from being signed with a validity window of more than 397 days by a CA/B[1] compliant Certificate authority. This is very VERY different from the cert not being valid. It means that a CA could absolutely make you a certificate that violated these rules. If a CA signed a certificate with a longer window, they would risk having their root CA removed from the CA/B trust store which would make their root certificate pretty much worthless.
To validate this, you can look at the CA certificates that Google has[2] that are set to expire in 2036 (scroll down to "Download CA certificates" and expand the "Root CAs" section) several of which have been issued since that CA/B governance change.
As of right now, as far as I know, Chrome will continue to trust certificates that are signed with a larger window. I've not heard anything about browsers enforcing validity windows or anything like that, but would be delighted to find out the ways that I'm wrong if you can point me to a link.
Further, your home made root certificate will almost certainly not be accepted by CA/B into their trust store (and it sounds like you wouldn't want that) which means you're not bound by their governance. Feel free to issue yourself a certificate that lasts 1000 years and certifies that you're made out of marshmallows or whatever you want. As long as you install the public part of the CA into your devices it'll work great and your phone/laptop/whatever will be 100% sure you're made out of puffed sugar.
I guess I have to disclose that I'm an xoogler who worked on certificate issuance infrastructure and that this is my opinion, that my opinons are bad and I should feel bad :zoidberg:.
[0] https://github.com/cabforum/servercert/pull/138/commits/2b06...
web.dev
-
Building a realtime chat app with Next.js and Vercel
Before we start creating pages in our application, it's important to understand how Next.js renders content. The framework supports multiple rendering methods including server-side rendering (SSR), static site rendering (SSG), and client-side rendering (CSR). There are many pros and cons to each rendering method (too many to cover in this post) so if these concepts are new to you, Google’s web.dev site has a very good introduction to rendering on the web that can help you understand rendering options.
-
Navigating the Waters of Core Web Vitals in 2024
The lifecycle of an interaction. Source: web.dev
-
How hard has code splitting been in your experience?
Probably not, it's the CSS used so far, so if there are elements you've not interacted with, that's an issue. This web.dev article gives some tools you can use https://web.dev/articles/extract-critical-css
-
Google have removed RSS support from their developer blogs
I noticed the same for Google's site https://web.dev/
The last article pushed to the feed was "Changes to the web.dev infrastructure" few months ago https://web.dev/blog/webdev-migration
The feed still there but with no updates https://web.dev/feed.xml and on the site you can see new articles published.
Is sad that on a infrastructure revamp of a modern site, the RSS feed was left out of the features list (at least for now).
-
How do websites have a prompt on unsupported browsers?
Upon testing on Firefox and Mi Browser, there was no triggering of the BeforeInstallPrompt event, as expected. However, I noticed that web.dev manages to display a prompt on these browsers, even though they theoretically lack support for the BeforeInstallPrompt event.
-
StackOverflow alternatives for web developers
web.dev, maintained by Google, including posts by Chrome developers and their co-workers,
-
Progressive vs. Incremental Rendering/(Re)Hydration
In a old web.dev articleI came across the word "Incremental (Re)Hydration" which is linked to a Glimmer.js-Blog post (also called "Incremental Rendering" there) confuses me. Is Incremental (Re)Hydration the same as Progressive (Re)Hydration? Reading the Glimmer-Blog article it seems so, but in the web.devarticle it seems to be something different.
-
Staying up to date with the industry with newsletters
Web.dev newsletter - though it's not a weekly newsletter and it's only content from web.dev (though really high quality content)
-
Is it possible to get into coding at 21 with no qualifications self taught?
Just open up a text edi web developers are self-taught. a website. That's what I did. Some people like this: https://web.dev
- Ya saben a donde anotarse si la quieren pegar en IT.
What are some alternatives?
cert-gen - Generate CA and self-signed SSL certificates usable in your browser for local development.
vanilla-extract - Zero-runtime Stylesheets-in-TypeScript
acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
lighthouse - Automated auditing, performance metrics, and best practices for the web.
devcert - Local HTTPS development made easy
TheAnnoyingSite.com - The Annoying Site a.k.a. "The Power of the Web Platform"
devcert-cli - A CLI wrapper for devcert, to manage development SSL/TLS certificates and domains
lite-youtube-embed - A faster youtube embed.
bedrock - WordPress boilerplate with Composer, easier configuration, and an improved folder structure
VuePress - 📝 Minimalistic Vue-powered static site generator
WebFundamentals - Former git repo for WebFundamentals on developers.google.com
ToolJet - Low-code platform for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, Google sheets, OpenAI, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript. 🚀