Death by the least common denominator: Or how to remodel your whole world to fit a tool (instead of the logical opposite way of doing things) and the consequences in your world when you use a bad tool.

DNS and history in draft-knodel-terminology: For instance, in DNS the ‘slave’ is able to refuse zone transfers on the ground that it is malformed. The metaphor is incorrect historically given the most recent centuries during which “the role of the master was to abdicate and the role of the slave was to revolt”

@afnic @bortzmeyer On "" I discovered: "Zonemaster - Zonemaster, developed by IIS and AFRINIC, is a web-based zone checker. ".

C'est bien les soirs d'élection sur les chaînes de télé, ca permet de réviser ses mathématiques: pendant au moins 2 heures dans le bandeau "candidat 1: 55.45%, candidat 2: 45.55%". Ou alors ils officialisent certaines pratiques comme faire voter les morts?

@afnic En fait il y a 2 liens dans la page et cela semble être celui du bas qui ne marche pas, le premier est qui fonctionne en redirigeant vers
Il semble que le deuxième lien a un `cog.` en trop dans le derniere élément du chemin.

Afficher le fil de discussion

@afnic La liste des communes de l'INSEE telle que donnée sur (idem en FR), à savoir ne pointe plus sur rien d'utile à l'INSEE, juste la page d'accueil. Possible de corriger pour un lien direct vers la bonne liste ?

"eTLS" is back (under another name of course) at "Requirements exist for network operators, service providers, users, enterprises, and small businesses, to be able to grant varied (fine grained) permissions and to enable visibility of middleboxes, where the middleboxes in turn gain observability of the content and metadata of encrypted sessions". Enjoy your new backdoors...

Someone wrote: "git is like UNIX. User friendly but picky about its friends." That seems very fitting.

Just discovered RFC6975 "Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)" today, there is always something new in DNS-land (except that this is 7 years old in fact). It was discussed before RFC8145 "Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC)" that finally decided not to just use EDNS but also to introduce ugly canary names.

DNS gods were listening to me today: preparing a presentation on nameservers management, exactly to illustrate my point, we have today learnt about the .IQ soon to fall off the Internet by expirations of SOA timers, and then Verisign having TSIG worries... Perfect real-world examples happening at perfect time. I am lucky. Let's see if my audience chuckles on that with me tomorrow.

Étrange cette publicité à peine cachée pour un ccTLD peu connu... dans les vidéos en rattrapage de France Télévisions le logo en haut à droite est juste ".tv"... Ils prévoient d'émigrer pour ne plus présenter le TLD national ainsi ?

Amazing on how people speak about "agile" always and having to cope with changes and embracing it and so on and so forth... and at the same time they just do not want to upgrade their vocabulary and for example use "TLS" instead of "SSL" like if all their world would collapse if they stop being 20 years late. Really shows the difference being living in virtual worlds where every change is smooth and real world where even a name change takes more than 20 years. And no thanks to OpenSSL there...

You never stop learning something new in git, or how to disappear from "git blame": "-ignore-rev <rev> Ignore changes made by the revision when assigning blame, as if the change never happened." (in git 2.23 this past august). Seriously, useful for hiding purely reformat commits and things like that. unfortunately needs specific configuration everywhere to be used if storing commits in file (the ...-file version), which is one of the minor deficiency of git (config/meta not in repository itself)

@bortzmeyer Enfin! OpenSSL 1.1.1 "s_client will now send the Server Name Indication (SNI) extension by default unless the new "-noservername" option is used. The server name is based on the host provided to the "-connect" option unless overridden by using "-servername"."

Firefox (or MacOS default file selector, I do not know, but they seem to enjoy being in the same boat), never short of surprising me in a bad way: "You have used the extension “.jpeg” at the end of the name. The standard extension is “.jpg”." Since when is DOS 8.3 brain damage the "standard"? IANA MIME registry clearly has "jpeg" but not "jpg"...

Someone doesn't like Europe. Two major DDOS attacks on .EU internal infrastructure (EPP, etc.), now announced on their own website, after more than 10 hours of cumulated downtime in 2 times.

Bye bye SHA1 (and welcome U2F) in "we will
be disabling the "ssh-rsa" public key signature algorithm that depends
on SHA-1 by default in a near-future release." and "This release adds support for FIDO/U2F hardware authenticators to
OpenSSH." One of the most exciting release since a long time...

Does anyone have a running example of a DNS glue of a form `` that is one not really used in fact for the delegation process but used by some people thinking this is better/faster because it avoids checking at the child and hence has one less query to do?

Dans 6 ans les domaines en .ORG auront doublé de prix (sans justification... si ce n'est bien sûr que le nouveau propriétaire doit se renflouer et rembourser ses prêts... comme souvent mise en commun des dettes mais privatisation des profits), cf "$9.93 June 30, 2019 to June 29, 2020" jusqu'à "$19.35 June 30, 2026 to June 29, 2027". On dit merci à PIR et surtout à l'ISOC !!! Et donc à l'ICANN bien sûr qui va autoriser cela, comme pour les futurs changements en .COM


Le réseau social de l'avenir : Pas d'annonces, pas de surveillance institutionnelle, conception éthique et décentralisation ! Possédez vos données avec Mastodon !