Now up on the newsletter, part 6 in my series on memory management, this time covering basic garbage collection techniques.

https://t.co/NwzlH5oOC2

Next, you need some mechanism whereby each element in the system can assure itself that it has the same summary as everyone else (this is actually the hard part).

Finally, when you go to the Web server, it proves that its certificate matches the summary. What this means technically is that it gives you a Merkle inclusion proof that goes back to the root.

The standard solution here is what's called a consensus system. Effectively, you compute a summary of all the published certificates (typically by assembling them into a Merkle hash tree). See the post for more detail on this.

The first step is to have the client (i.e., the browser) check that the certificate was published, thus hopefully forcing the CA to publish it. But now we have to confront the definition of "publish". How do we know the CA published to everyone?

For instance, if the CA has it on their web site and sends it to clients but not to sites when they check, then the system breaks down.

Maybe someday we'll actually be able to search the Web privately

A look at the new Tiptoe encrypted search system

STR:
1. Click on a link to a mastodon post.
2. Click the "reply" arrow.

Expected results: get a compose box so you can reply
Actual results:

When the Web was built in the late 1980s and early 1990s, it was designed along similar lines, with the assumption that browsers worked for the users and connected to servers over standard protocols. The technical term for a browser, "user agent", reflects this.

In Mozilla's Web Vision (https://mozilla.org/en-US/about/webvision/full/) we put it like this:

Unlike a closed system, however, an open system allows for innovation at the edges. If you don't like the mail client on your machine, you can just download a new one. This all works because the mail client talks to the mail server using a standardized protocol:

The original Bell System phone monopoly is an example of the first kind of system. AT&T didn't even let you own your own phone; you had to rent one from them, and they looked like this: 3/N

Now up, a report from the Broken Arrow Skyrace 2023. I did the Triple Crown this year (Vertical Kilometer (VK), 46K, 23K) and it was epic. Highly Recommended.

https://educatedguesswork.org/posts/broken-arrow/

Here I am climbing the totally not sketchy "Stairway to Heaven" ladder at the top of the VK.

Broken Arrow Triple Crown Race Report