Squithrilve's comments

They don't support it? That's weird (maybe a missing feature) given that it's quite easy to add to anything that has signed metadata, see e.g. this for OpenPGP: https://github.com/wiktor-k/openpgp-proofs#openpgp-proofs

Who said the keys need to be long lived in WKD? WKD just makes the key discovery easier based on email address, you can rotate your key as often as you want (just set the expiry date so clients check it).

Also, I'm not sure if I get the "public ledger" part as WKD I just your own HTTPS server. It doesn't have anything in common with keyservers.

Does anyone know any other good resources (esp. books) on this subject? (Clifford/geometric algebra)

mkinitcpio is being replaced with dracut so zstd won't probably happen.

Google is closing on of their perfectly working services? Who could've imagined such a conundrum!

Counterpoint: https://michael.stapelberg.ch/posts/2019-08-17-introducing-d...

The entire fun with DNS section is interesting: https://developers.cloudflare.com/1.1.1.1/fun-stuff/

Although some protocols are missing for example DoX: https://xmpp.org/extensions/xep-0418.html

This is not the only example. I never ceases to amaze me that Google dropped XMPP because of non-mobile-friendliness and it was proven wrong by a single developer (see: Conversations.im).

It seems in a lot of cases Google just want to go on an easy route of creating fake "standards" (AMP) instead of long way of working with broader community for common good.

Maybe that's just me but the Google I remember back when Android was announced and the company it has become now it's like two totally different entities.

> The people who had been using it would continue uninterrupted.

I'm not sure about that. If the main matrix server disappeared today that'd be problematic. Yes, you'd have history locally but the same can be said for any native client that stores history locally.

As far as I know there is no way to migrate matrix history now. Is there? (genuinely curious)

> Please sign your outgoing mails if you have a key.

It's interesting that even Edward Snowden made this mistake of sending only encrypted email.

For more elaboration about this subject K-9 resources are quite good:

https://k9mail.github.io/2017/01/30/OpenPGP-Considerations-P...

> Someone comes along with a patch or idea. Bunch of big Postgres people come knock it and it dies right there.

This is not unique to Postgres. I've seen this behavior on many development mailing lists (e.g. Mutt-dev).

Poor support of SSL certificates in browsers is commonly attributed to bad UX but the real reason is that they are credentials that can be re-used by multiple services to track you as an individual. Newer standards like U2F completely compartmentalizes origins so that if you register to service X a different service Y will not know who you are.

SSL certificates also doesn't work in HTTP/2 (because of multiplexing multiple requests).

Benefits include storing private key in a hardware tokens, most OSes support them out of the box. You can just plug your token into USB port, visit site that requests a client certificate, enter PIN and be done (e.g. Yubico PIV applet).

HTML also has/had <keygen> element that would generate private key in a browser, send the public key to be signed to a webpage essentially creating private/public key credentials but that is being removed from browsers.

For inter-service communication I'd definitely consider using SSL client certificates pinning private keys e.g. to TPM but regular users can't be bothered with it.

If you're interested check out Token Binding that makes tokens (cookies, etc.) bound to TLS connections essentially providing security of client certificates for tokens.

Every time I read a API that uses signed/authenticated requests (AWS, Let's Encrypt ACME) I wonder exactly the same thing - why is this needed in the first place? If TLS guarantees lack of replays it seems to me like signed requests just protect their own complex infrastructure from reusing the same request twice...

> ...the fact that the Linux kernel is licensed under GPLv2 or later.

Actually Linux is licenced only under GPLv2:

> The only one of any note that I'd like to point out directly is the clarification in the COPYING file, making it clear that it's only _that_ particular version of the GPL that is valid for the kernel.

> ...

> Why? There's been some discussions of a GPL v3 which would limit licensing to certain "well-behaved" parties, and I'm not sure I'd agree with such restrictions - and the GPL itself allows for "any version" so I wanted to make this part unambigious as far as my personal code is concerned.

Source: http://lkml.iu.edu/hypermail/linux/kernel/0009.1/0096.html

There are ways to communicate from the REM state back to the real world used in research on lucid dreams:

> Previously to sleeping, volunteers like Worsley agreed on preset eye movements they would perform once they achieved lucidity in their dreams, which La Berge could record in the lab.

Source: http://dreamherbs.com/eminent-dreamers/stephen-laberge/

As far as I remember Ethereum smart contracts were designed to be Turning-complete because that would make them "more powerful" than Bitcoin Script. It seems that with great power comes great responsibility...

Well it's obvious you can't heat your house and earn money at the same time continuously. Bitcoin is no magic perpetuum mobile zero-point energy bending-physics solution but it's true that you can minimize the waste.

> Every dollar you spend on the most efficient mining setup will only give you one dollar worth of bitcoin plus a small profit.

That sounds just like any other investment, or am I missing something?

> while other solutions like proof of stake / space / ... exist and are much more energy efficient.

They are only proposed solutions, not implemented in any existing systems so it's not fair to compare them. Proof of stake for example has numerous drawbacks: https://en.wikipedia.org/wiki/Proof-of-stake#Criticism

Well Bitcoin is always on because people are constantly using it so it can't "conserve power" just as a constantly on display or CPU can't.

> SSL provides a service that is immediately valuable to all parties.

And Bitcoin does not provide service that is valuable to all parties?

> Bitcoin mining is done by people who want to get rich by not doing anything.

Calculating SHA256 is hardly anything because we wouldn't be arguing about that, right?

> What if Bitcoin were to fail for some reason?

You're not concerned about SSL failing for some reason? Heartbleed?

> What if Bitcoin were to fail for some reason?

That's highly speculative. Besides Ethereum has several failures already and it's still doing fine because there are serveral mechanisms that can be used to resolve such problem (e.g. hardforks).