nstielau's comments

nstielau | 12 years ago | on: Why is nobody using SSL client certificates?

We are using client-side SSL certificates extensively for API as well as browser-based single-sign-on for 20+ employees on a smattering of Mac/Linux/iPhone/Android devices. Definitely some ramp-up and wonkiness, but it's working well.

Also worth noting that infrastructure components like Cassandra [1] and RabbitMQ [2] leverage PKI as well.

Checkout our Jenkins client-side SSL cert auth plugin: https://github.com/pantheon-systems/certificate-authenticati...

[1] http://www.datastax.com/documentation/cassandra/1.2/index.ht... [2] http://www.rabbitmq.com/ssl.html

nstielau | 14 years ago | on: Puppet vs Chef, Fight

bcfg2 works well. It aims toward 100% fully managed servers (i.e. package dependency management, full /etc management) more than Chef/Puppet (but other than DoD/banking, 100% management isn't worth it). Other reasons I prefer Chef are 1) solo mode, 2) more dynamic recipes with ruby 3) more out-of-the-box resources (dirs, files, templates, users, etc)

nstielau | 15 years ago

How about having checkboxes instead of radioboxes for the different providers, and some way to zoom between them. That might get you closer to something like http://www.kosmix.com/topic/fifa_world_cup or http://www.evri.com/sports/soccer . It's a pretty good idea, but hard to compete with companies like kosmix and evri that are crawling and parsing tons of data.