Ted Leung on the air
Ted Leung on the air: Open Source, Java, Python, and ...
Thu, 04 May 2006
PGP key revoked

This is one of the last cleanup items from the laptop theft. I've revoked my PGP key and created a new one.

This is my old key:

pub  1024D/F5FC4B42 2001-03-31
     Key fingerprint=1003 7870 251F FA71 A59A  CEE3 BEBA 2B87 F5FC 4B42 

This is revocation certificate for that key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkRarPUCHQIACgkQYCjW/J06/U899wCeMyjgTwcxPGf0f1LZXBE9
gHOkkIcAniu5l0FEORidmvZlTsDZ0AdSmaMr
=F6WI
-----END PGP PUBLIC KEY BLOCK-----

Here's my new key id information:

pub   1024D/9D3AFD4F 2006-03-05
      Key fingerprint = E6E8 48D5 17E6 0484 37D6  B38E 6028 D6FC 9D3A FD4F
[22:53] | [computers/security] | # | TB | F | G | 0 Comments | Other blogs commenting on this post
Sun, 27 Nov 2005
Capabilities in Perl

[via Links ]:

Earlier this year at CodeCon, Ben Laurie showed me the work that he had done on adding capabilties to Perl. Now he's put up a post with a pointer to the code and a little bit of documentation. He originally got interested in the problem because he was interested in adding capabilities to Python, but that turned out to be harder than he thought. Along the way, he formed some conclusions about Python and security:

Also, it seems the Python devlopers aren’t really interested in capabilities (nor all that interested in security, it seems, since the restricted execution mode is not maintained).

I don't think it's quite as a bad as Ben thinks, since he and I had some conversations with some Python developers and those folks were definitely interested in capability support. Of course, quite a few of them were a bit Twisted.

CaPerl is an alternative approach to adding capabilities which involves compiling a capability enhanced version of the language into the regular language. As to the rationale for doing this in Perl:

So, I did this for Perl, on the basis that if you can secure Perl you can surely secure anything.

I'm curious to see whether making the code available has any impact on the uptake of these ideas. Perhaps there will be some impetus in the Perl or Python communities to pick up on these ideas. When I saw Ben at Mind Camp, I suggested to him that perhaps the most profitable place to seed these ideas is the Ruby community, given the momentum hype of Rails, and the relative openness of the Ruby community to non-mainstream ideas.

I'd love to be proven wrong.

[23:57] | [computers/security] | # | TB | F | G | 32 Comments | Other blogs commenting on this post
Mon, 19 Apr 2004
Crypto-gram RSS feed
There is now an RSS feed for Bruce Schneier's excellent Crypto-Gram Newsletter. I hope that other e-mail newsletters will follow suit.
[11:59] | [computers/security] | # | TB | F | G | 0 Comments | Other blogs commenting on this post
Tue, 04 Nov 2003
All PGP Keyservers are not created equal
Today I received an e-mail reminder for the PGP key signing that we are having at ApacheCon in two weeks (you are registered, right?).

I decided to sit down and get my materials in order. Mostly this consisted of adding a UID for my job at OSAF to the key. I ran gpg and successfully added a UID. Then I tried to send it up to the MIT keyserver. I switched from using PGP to using GnuPG when I discovered that there were Windows binaries that could also be used from Thunderbird's EnigMail plugin. The send-keys operation reported that it had successfuly transmitted my key, but when I queried the MIT server about myself, it didn't show the new UID.

After many minutes of futzing an googling, I discovered that some keyservers have problems with subkeys. Apparently the MIT server is one of them. In order to get subkeys to work, you need to access a keyserver that is running the SKS keyserver codebase. I changed my keyserver setting in GnuPG to use hkp://keyserver.bu.edu, and the new UID appeared. The UID also appeared at MIT, so now that works as well.

If you're getting ready for the party, you probably want to know this.

[23:16] | [computers/security] | # | TB | F | G | 0 Comments | Other blogs commenting on this post


twl JPG

About

Ted Leung FOAF Explorer

I work at the Open Source Applications Foundation (OSAF).
The opinions expressed here are entirely my own, not those of my employer.

Creative Commons License
This work is licensed under a Creative Commons License.

Now available!
Professional XML Development with Apache Tools : Xerces, Xalan, FOP, Cocoon, Axis, Xindice
Technorati Profile
PGP Key Fingerprint
My del.icio.us Bookmarks
My Flickr Photos


Syndicate
RSS 2.0 xml GIF
Comments (RSS 2.0) xml GIF
Atom 0.3 feed
Feedburner'ed RSS feed

< May 2006 >
SuMoTuWeThFrSa
  1 2 3 4 5 6
7 8 910111213
14151617181920
21222324252627
28293031   

Archives
2006
2005
2004
2003

Articles
Macintosh Tips and Tricks

Search
Lucene
Blogs nearby
geourl PNG

Categories
/ (1567)
  books/ (33)
  computers/ (62)
    hardware/ (15)
    internet/ (58)
      mail/ (11)
      microcontent/ (58)
      weblogs/ (174)
        pyblosxom/ (36)
      www/ (25)
    open_source/ (145)
      asf/ (53)
      osaf/ (32)
        chandler/ (35)
        cosmo/ (1)
    operating_systems/ (16)
      linux/ (9)
        debian/ (15)
        ubuntu/ (2)
      macosx/ (101)
        tips/ (25)
      windows_xp/ (4)
    programming/ (156)
      clr/ (1)
      dotnet/ (13)
      java/ (71)
        eclipse/ (22)
      lisp/ (34)
      python/ (86)
      smalltalk/ (4)
      xml/ (18)
    research/ (1)
    security/ (4)
    wireless/ (1)
  culture/ (10)
    film/ (8)
    music/ (6)
  education/ (13)
  family/ (17)
  gadgets/ (24)
  misc/ (47)
  people/ (18)
  photography/ (25)
    pictures/ (12)
  places/ (3)
    us/ (0)
      wa/ (2)
        bainbridge_island/ (17)
        seattle/ (13)
  skating/ (6)
  society/ (20)



[Valid RSS]

del.icio.us linkblog

www.flickr.com

Blogroll

java.blogs
Listed on BlogShares

Locations of visitors to this page
Where are visitors to this page?


pyblosxom GIF