The Grumpy Troll

Ramblings of a grumpy troll.

DMARC Stance

DMARC is in the email tech news once more, following Yahoo’s decision to publish a DMARC policy on some of their domains, telling recipient systems to reject mails which do not have valid origin information. I’ve previous written here about DMARC in the context of its privacy implications, covering mailing-list disclosures and then revisiting, for bug interactions making matters worse. In addition, my name has come up in various circles because of a patch to Mailman which I contributed to.

(more…)

LXC Routed on Ubuntu

Containers are a decent technology, whether they’re FreeBSD’s Jails, Solaris Zones or Linux’s version. Linux comes with the LXC tools which can be quite useful to managing the containers. If you’re happy to use NAT in front of each container, or a proxy (such as SSH configuration using ProxyCommand to ssh to the containing host) or a web-proxy in front of services, the defaults are decent enough; to be able to directly connect to container service, you want the containers to be on a network which is reachable from outside that machine.

(more…)

CACert

Effective immediately, I will no longer be issuing CACert assurances. My disillusionment has just boiled over, to a level where I do not want to expend any more energy supporting a project where politics has won out over practical security. While it’s a shame that politics elsewhere have kept the CACert root certificate out of browser default trust anchors, CACert remained useful enough as a “private CA which other technical people can probably verify more readily than a certificate from my own CA”.

(more…)

Bitcoin

I’ve had a few people ask me about Bitcoin recently. Rather than repeat myself more than I already have, I’m going to collect together some insightful links and copy/paste liberally from a public Facebook post’s comments, where I wrote on the topic when asked. My thanks to Marc Whitmore for prompting the initial discussion, hosting my diatribe in his comments with nary a cross word, and generally being a true gentleman.

(more…)

Blog moved

As I mentioned in Forthcoming blog move, I was planning to switch my site hosting away from Google Blogger. Of course, that post was back in September. I just spent a little time applying the fixes needed to have some basic styling; on the advice of my colleague Jon, I took a look at Foundation as a site framework; major points in its favour are that it touts semantic markup and accessibility, which are two issues that matter to me.

(more…)