The way I understand the history of x509 certificates, it was always meant to be decentralised. A network of trust with a certain level of hierarchy, but with lateral trust relationships between organisations. This is how it works for travel documents since many years. But on the internet we got a massive push towards centralisation, leading to the typical reply I now get when talking about setting up a CA (Certification Authority): "It will not be trusted". That's not how it should work...
1/n
Le sigh. There must be a simpler way, but I cannot find it. Trying to get the SHA256 fingerprint of a x509 certificate as one long string without colons or something works with:
openssl x509 -in roots.pem -noout -fingerprint -sha256 | sed 's/://g' | sed 's/^.*=//' | awk '{print tolower($0)}'
UPDATE: This is what I now have in my .bashrc :)
function certfp(){ openssl x509 -in "$1" -outform DER | sha256sum | cut -d' ' -f1 ; }
#nerdtalk
Pick zero, one or more, depending on your capabilities and possibilities.
Stay calm and install solar panels.
Stay calm and install heat pumps.
Stay calm and build a Homelab to keep your data at home.
Stay calm and help your neighbours.
Stay calm and read the news but understand your anger on things you cannot change is wasted energy.
Stay calm and care about your direct environment where you can change things.
You are not alone. Many people around you are doing this already.
#StoicLife
Pinned post that has links to Evergreen toots/threads as replies. A kind of "best of" collection for you to enjoy and get to know my virtual persona better.
After many years and experiments, another conclusion I'd like to share:
- Make sure you "own" (well, technically: rent) at least one domain name with a recognisable but not "funny" name (my main domain is wildeboer.net)
- Only "buy" one of .com, .net, .org, .eu (when you live there) or your countries top level domain (TLD). Ignore all the fancy hype TLDs.
Your domain can become your digital identity authority that YOU control. This will become more important mid-to longterm, IMHO. 1/5
YES, you can develop, support open source/Free Software (FOSS) projects as an unpaid hobby, just for fun.
YES, you can develop and support #FOSS projects as (big or small) part of your paid job or as freelancer.
YES, you can develop and support FOSS projects by asking for donations.
And yes, all of these approaches can exist at the same time. YOU decide. FOSS is about freedom, not about money or not.
And NO, you owe no-one an explanation or justification on why you do #FOSS the way you do.
Had to verify. And yes. Kernighan and Ritchie really did this. TIL :)
Jan Wildeboer 😷
:krulorange: