Category Archives: tls

OpenVPN configs with inline data

I’ve been issuing a lot of x.509 certs and OpenVPN user configurations lately, and I came across something that has reduced the complexity quite a bit. It seems that OpenVPN configuration files can now include data inline. So rather than … Continue reading

Posted in CentOS, debian, Free Software, linux, Networking, OpenVPN, OSX, security, Software, tls, tuntap, ubuntu, Windows, work, x509 | 2 Comments

I miss you. Please come back?

… Creating var directory ‘/usr/src/git/debian/pkg-mariadb/builddir/mysql-test/var’… Checking supported features… MariaDB Version 5.5.32-MariaDB-1 Installing system database… – SSL connections supported Collecting tests… Using server port 42388 ============================================================================== TEST RESULT TIME (ms) or COMMENT ————————————————————————– worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 16000..16019 … Continue reading

Posted in autotools, C.J. Insider, colliertech, Databases, debian, Free Software, MariaDB, microsoft, perl, security, Software, tls, wheezy, winter, x509 | Leave a comment

Filing to become a licensed CA

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

All Operative Personnel employed by Collier Technologies LLC, known
here as the Certification Authority or CA, must also be licensed as
notaries public by the local government where they reside during any
act performed on behalf of the CA.

In addition to passing the Washington State Operative Personnel Exam,
all OPs employed by the CA will demonstrate their proficiency by
a) creating a request for issuance as described in 19.34.210§1
RCW, known here as a Certificate Signing Request or CSR; and
b) signing CSR from (a) with a private key issued by the
Certification Authority; and
c) publishing the public key corresponding to the CSR signed in
(b) in a recognized repository as defined by 19.34.400 RCW

While holding the position of Operative Personnel for the CA, the OP
will
a) utilize the private key corresponding to the CSR presented
during the demonstration of proficiency exclusively
b) not use the private key referenced in (a) for purposes other
than those performed on behalf of the CA.

All private key data controlled by the CA and all Operative Personnel
must be
a) stored on a solid-state device; and
b) kept within a locked safe except while in use by OP acting on
behalf of the CA.

All solid-state devices containing private key data controlled by the
CA and all Operative Personnel may only be used
a) on a Trustworthy system, as defined in 19.34.020§43 RCW; and
b) with a system which remains always disconnected from any
computer network
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwmPOMACgkQXKBS0hdr6UYPTwCglr89VbTlw/wPuLqihaduw8Cw
z1gAnjwiDx47FTInVHBo9bo9VsVn/IDl
=9oar
—–END PGP SIGNATURE—–
Continue reading

Posted in colliertech, cryptography, debian, Free Software, government, investment, linux, pgp, security, tls, work, x509 | Leave a comment

spamassassin tls plugin

Anybody got a tls plugin for spamassassin? Something that will check to see whether incoming mail is signed by a certificate known to and trusted by spamd?

Posted in mysql, network saturation, performance, rss, spam, spamassassin, tls | Leave a comment