rasculdunno what i'm gonna do yet for parsing microformats, html5ever is supposedly the be all, end all of html parsing in rust but i haven't been able to figure it out yet http://doc.servo.org/html5ever/index.html
miklbI have a bottle neck somewhere in checking for received webmentions which is adding some overhead in my build time. I also generate a lot of tag & archive pages
miklbmy site builds faster in Travis that on my old laptop, I'm not rapid posting or need it in seconds so not a big deal. I do have 500+ posts, maybe closer to 600 then all the archive stuff
LoqiA tagline is a short phrase intended to uniquely identify a person, product, or company, usually displayed visually on a web page shortly after the name https://indieweb.org/tagline
rasculin this context, it's essentially the same as a self signed tls certificate, the host telling you this is the certificate without any external confirmation
rasculin the context of https, that's where certificate authorities come in, they sign the certificates so that a third party can verify that it's the proper certificate
rasculthere is nothing like that built in for ssh, so it's up to you to verify that fingerprint the first time you connect, just like with self signed tls certificate it's up to you to verify it's the right certificate the first time you connect
sknebelHTTPS Everywhere had a feature where it could compare the cert you see with a central database the EFF ran, something like that could be build with some decentralized sync mechanism instead
rasculA digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made by the private key that corresponds to the certified public key. https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates
sknebelbut the full certificate chain is transmitted on connection, so you don't need to know anything specific beforehand, just a way to figure out if you trust that certificate once you received it
sknebel(e.g. check that there is valid signing chain to a root you trust, verification that the key is the same that was pinned on a previous visit, ...)
rasculand that's where certificate authorities come in, a "reliable" third party that tells you which certs are good based on how much money they receive
rasculthere are standards that the certificate authorities are required to use, but there's plenty of cases where for whatever reason they failed to abide by those standards
sknebelwhat I always disliked is that a webserver can't offer multiple certs for the same domain, that would make experimentation with other verification systems easier
rasculbtw https://cabforum.org/ if you're interested in finding out what the certificate authorities are supposed to do, some browsers may require more though
chrisaldrich1I caught a snippet of that conversation and "circle of trust". Just have to be careful as some spammers in facebook used an end-around on part of what you suggested.
AngeloGladdingrandom aside -- doubled my build time by including a library to properly sort Mr. Çelik in my "buddy list" -- putting some polish on before I write it up
chrisaldrich1In those cases, a spammer would create a new account that duplicated a "friend's" profile. Then by friending a few in their circle and being befriended back by unwitting/unsophisticated users then dupped many others into following.
chrisaldrich1Of course having even one user "poisoning" that well by crying foul can fix the issue, but alternately one bad actor giving a false negative can cause issues on the other side too
tantekSince when did Google Docs start loading infinite javascripts from 0.docs.google.com, 1.docs.google.com, 2.docs.google.com, etc.... so far up to 23 and no sign of an end in sight.
aaronpkweird friend requests from people who say they went to the same school as me and we have a bunch of friends in common except i know it's a fake account because there were only 8 other people in my high school class
aaronpkbut once they start having a few friends in common, facebook suggests them as a friend to people who share other common friends and then it just keeps growing
AngeloGladdingper WP: According to Facebook, the real-name policy stems from the position "that way, you always know who you're connecting with. This helps keep our community safe."