Category Archives: x509
LLC-Technologies-Collier/Demo-SCCC-Byte-AngularJS
Hello dear readers and attendees, This is the post that I will be/ will have been referencing during my presentation to the Seattle Central Community College’s Byte club on Thursday, December 10th at 1500-1630. I will begin with a bit … Continue reading
Some statistics from the router at the cabin
sip0 is a GRE tunnel between the router and the colo box in Seattle, the payload of which is encapsulated as ipsec traffic before being transmitted over the Ubiquity equipment to the switch that the CenturyLink DSL modem attaches to. … Continue reading
Trip Report: UW signing-party
Dear Debian Users, I met last night with a friend from many years ago and a number of students of cryptography. I was disappointed to see the prevalence of black hat, anti-government hackers at the event. I was hoping that … Continue reading
OpenVPN configs with inline data
I’ve been issuing a lot of x.509 certs and OpenVPN user configurations lately, and I came across something that has reduced the complexity quite a bit. It seems that OpenVPN configuration files can now include data inline. So rather than … Continue reading
I miss you. Please come back?
… Creating var directory ‘/usr/src/git/debian/pkg-mariadb/builddir/mysql-test/var’… Checking supported features… MariaDB Version 5.5.32-MariaDB-1 Installing system database… – SSL connections supported Collecting tests… Using server port 42388 ============================================================================== TEST RESULT TIME (ms) or COMMENT ————————————————————————– worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 16000..16019 … Continue reading
Filing to become a licensed CA
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
All Operative Personnel employed by Collier Technologies LLC, known
here as the Certification Authority or CA, must also be licensed as
notaries public by the local government where they reside during any
act performed on behalf of the CA.
In addition to passing the Washington State Operative Personnel Exam,
all OPs employed by the CA will demonstrate their proficiency by
a) creating a request for issuance as described in 19.34.210§1
RCW, known here as a Certificate Signing Request or CSR; and
b) signing CSR from (a) with a private key issued by the
Certification Authority; and
c) publishing the public key corresponding to the CSR signed in
(b) in a recognized repository as defined by 19.34.400 RCW
While holding the position of Operative Personnel for the CA, the OP
will
a) utilize the private key corresponding to the CSR presented
during the demonstration of proficiency exclusively
b) not use the private key referenced in (a) for purposes other
than those performed on behalf of the CA.
All private key data controlled by the CA and all Operative Personnel
must be
a) stored on a solid-state device; and
b) kept within a locked safe except while in use by OP acting on
behalf of the CA.
All solid-state devices containing private key data controlled by the
CA and all Operative Personnel may only be used
a) on a Trustworthy system, as defined in 19.34.020§43 RCW; and
b) with a system which remains always disconnected from any
computer network
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwmPOMACgkQXKBS0hdr6UYPTwCglr89VbTlw/wPuLqihaduw8Cw
z1gAnjwiDx47FTInVHBo9bo9VsVn/IDl
=9oar
—–END PGP SIGNATURE—–
Continue reading
Thunderbird is good.
I just got a notification from Thunderbird telling me that it’s upgrading itself. Those of you paying attention to current events in the information security world just found out why Free/open source software is teh l33t. Were you watching, Eric?