Entry Comments

deekoo
0x7D3 February 0x1B:

The shoggoth's coming along well, but I ran into a minor catch: Yarm's certificate has expired. Now, that by itself is harmless - just spew a new cert and be done with it for a year (or whatever my expirytime is.). But that brings up an interesting hermetically sealed jar of annelida: How should I handle cert-management? Yeemp currently uses SSH-style single eternal certs, set to expire a year after generation because I figured that, given a year, I'd've gotten around to the rekeying code by now.

Options:
A single eternal certificate, with no expiry this time. Upside: Implementationally easy - probably less than a line to change. Downside: no easy way to deal with rekeying in the event that the server cert gets exposed.
A single eternal CA per-server, issuing expiring certs. Upside: Can have CRLs; and five-year-old total-backup-of-server tape handed to The Spooks becomes less of a threat. Downside: increased code complexity. Which is both more annoying and has more room for bugs.
Or perhaps something else?

Meanwhile, and likely more important (one may get the idea that Deekoo has delusions of grandeur here, but the voices in my head assure me that I'm perfectly sane...), the Department of Justice has been apparently busy drafting something they call the "Domestic Security Enhancement Act". This bill would significantly increase the power of the executive branch of the US gov't. Most dramatic feature: Remember when El Presidente authorized the disappearance and execution of noncitizens? The DSEA provides for the expatriation of anyone who provides 'material support' to a terrorist organization. (Which means that if a Confidential Informant reports that you have a quarter-ounce of FARC-supplied primo gypsum^H^H^H^H^H^Hcocaine on your premises, you're off to Antarctica, or wherever the prison camps are planned for...)


	John AshKKKroft on 0x7D3 March 0x1: I'm afraid we're going to have to confiscate that. You know we have this chimp over here in Washington with a little gypsum problem. And to correct your mistake: Antartica? That would be too...cold. You Godless heathen would freeze to death before we could work you there. What do you think they've been building that space station for? Nobody's going to escape THIS concentration camp. $STUDENT on 0x7D3 March 0x19: ...Antarctica, for all that it's very cold, has its good points. I would personally rather be sent to a prison camp in a very COLD place than to one in a very HOT place e.g. Leavenworth. And yes, I did see 'one day in the life of Ivan Denisovitch' and the answer is still the same. (Not that you actually asked) And.. the penguins are in Antarctica. It's a real place, with real dirt, which after the colossal global warming and radioactive-EMP disaster might not be that bad a place. There are little thingies living there right now, far under the ice. It's so cold there, they still have the same oxygen they had in 1952. Waiting for the fusion worms... I guess I have been failing to ask myself "what quantitative means do I have of deciding between 'Oh that's a damned shame' and 'Deity, your ass, if any, is my ass, so wiggle up, cuz it's it' for Best of Attitudes with which to greet one's Sudden or Not So Sudden (read:ugly) Death along with $POPULATION = "wherever one is" of # I might have got this wrong # but I can't get @ my notes, your kind indulgence, etc, usw. my place= $PLACE It's almost impossible to do anything about anything except ask myself "Am I ready to die?, and if not, why not?" Asking oneself the question 'Am I ready to be enslaved forever?" is much more distasteful because the answer is always 'No, and it don't matter WHAT you do, you'll never be ready". So, Kim..or anybody really. Drop one on my ass. Save me and those I love from the Americans. Out of harm's way... NP: Esplendor Geometrico "Moscu Esta Helado" Nameless User on 0x7D3 April 0x6: Nameless User on 0x7D3 April 0x6:

{ Add Comment }