Category Archives: x509

Some statistics from the router at the cabin

sip0 is a GRE tunnel between the router and the colo box in Seattle, the payload of which is encapsulated as ipsec traffic before being transmitted over the Ubiquity equipment to the switch that the CenturyLink DSL modem attaches to. … Continue reading

Posted in 2015, cisco, colliertech, cryptography, debian, Free Software, gpl, Hardware, ipsec, jessie, linux, Networking, performance, production, rate limiting, security, SELinux, Software, Telephony, tls, washington, wireless, work, x509 | Leave a comment

Trip Report: UW signing-party

Dear Debian Users, I met last night with a friend from many years ago and a number of students of cryptography. I was disappointed to see the prevalence of black hat, anti-government hackers at the event. I was hoping that … Continue reading

Posted in 19.34 RCW, amateur, cryptography, debian, Free Software, freenode, government, gpl, irc, LD43, linux, microsoft, military, Networking, NIST, nsa, open source, OSX, pgp, politics, PRCCDC, production, security, SELinux, Software, tls, ubuntu, washington, Washington State Ubuntu LoCo, Windows, x509 | 17 Comments

OpenVPN configs with inline data

I’ve been issuing a lot of x.509 certs and OpenVPN user configurations lately, and I came across something that has reduced the complexity quite a bit. It seems that OpenVPN configuration files can now include data inline. So rather than … Continue reading

Posted in CentOS, debian, Free Software, linux, Networking, OpenVPN, OSX, security, Software, tls, tuntap, ubuntu, Windows, work, x509 | 2 Comments

I miss you. Please come back?

… Creating var directory ‘/usr/src/git/debian/pkg-mariadb/builddir/mysql-test/var’… Checking supported features… MariaDB Version 5.5.32-MariaDB-1 Installing system database… – SSL connections supported Collecting tests… Using server port 42388 ============================================================================== TEST RESULT TIME (ms) or COMMENT ————————————————————————– worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 16000..16019 … Continue reading

Posted in autotools, C.J. Insider, colliertech, Databases, debian, Free Software, MariaDB, microsoft, perl, security, Software, tls, wheezy, winter, x509 | Leave a comment

Filing to become a licensed CA

Hash: SHA1

All Operative Personnel employed by Collier Technologies LLC, known
here as the Certification Authority or CA, must also be licensed as
notaries public by the local government where they reside during any
act performed on behalf of the CA.

In addition to passing the Washington State Operative Personnel Exam,
all OPs employed by the CA will demonstrate their proficiency by
a) creating a request for issuance as described in 19.34.210§1
RCW, known here as a Certificate Signing Request or CSR; and
b) signing CSR from (a) with a private key issued by the
Certification Authority; and
c) publishing the public key corresponding to the CSR signed in
(b) in a recognized repository as defined by 19.34.400 RCW

While holding the position of Operative Personnel for the CA, the OP
a) utilize the private key corresponding to the CSR presented
during the demonstration of proficiency exclusively
b) not use the private key referenced in (a) for purposes other
than those performed on behalf of the CA.

All private key data controlled by the CA and all Operative Personnel
must be
a) stored on a solid-state device; and
b) kept within a locked safe except while in use by OP acting on
behalf of the CA.

All solid-state devices containing private key data controlled by the
CA and all Operative Personnel may only be used
a) on a Trustworthy system, as defined in 19.34.020§43 RCW; and
b) with a system which remains always disconnected from any
computer network
Version: GnuPG v1.4.10 (GNU/Linux)

Continue reading

Posted in colliertech, cryptography, debian, Free Software, government, investment, linux, pgp, security, tls, work, x509 | Leave a comment

Thunderbird is good.

I just got a notification from Thunderbird telling me that it’s upgrading itself. Those of you paying attention to current events in the information security world just found out why Free/open source software is teh l33t. Were you watching, Eric?

Posted in Free Software, mozilla, open source, security, thunderbird, x509 | Leave a comment