Orcmid's Lair |
||||
|
2003-11-27Mucho MiscellaneoA backlog that I haven't archived, so I will now. More review and cleanup is needed though.[Announce] GnuPG's ElGamal signing keys compromised. Well, here's an interesting situation requiring certain signatures to not be trusted because their public keys are discoverable from the signature. There is something to capture about this, especially around situating trust. Notice that one of the things that matters here is how Werner Koch is dealing with it. 2003-11-26Wiebe van der Hoek: Guidelines for M.Sc. Projects, 2002/2003. Here is some information on how M.Sc projects are handled in the Computer Science department at the University of Liverpool. There appears to be some resonance with the M.Sc in IT except the scheduling works differently. Improved Security Through IT Diversity - Computerworld. An useful, crisp as always, Bruce Schneier interview. Object Mentor - Object Mentor Inc. Teaching Best Practices.. And another link choice ... I must remember to also link ... nuts, I forgot. XProgramming.com - an Extreme Programming Resource. So I might as well blog this potential resource link too. The QP Project. This site promotes Quality Programming. It is a reminder to me that I want to provides some resources and links on my web pages, also for software architecture and design resources. Here's another reminder. 2003-11-25Oracle FAQ: White Papers and User Publications. A great compilation of materials and white papers on Oracle products. Locking in SQL Server 7.0. A nice article by Alexander Chigrik, posted on 2001-01-29. Found by classmate Robert Brayshaw. SSH: Certificate Revocation. A nice clean statement of what it is about and what the two approaches are. Re: add a certificate to a Certificate Revocation List. It would seem that OpenSSL has a lot of tools and procedures related to CA operation, including building revocation lists. X.509 PKI Certificate and Certificate Revocation List (CRL) Profile. This rfc3280 apparently obsoleted rfc2459. It looks like these should be looked up on the IETF site. dBforums - Certificate Revocation List (CRL) problem w/ Outlook XP. Here's a wild description of the CRL checking done (or not) with Outlook and Windows. I notice that there is use of two LDAP ports to do CRL access and checking. Hmm. Certificate Revocation: Mechanics and Meaning. This result of a 1998 panel discussion provides some situated discussion of revocation, especially with regard to PKI in the financial industry. Globus: GSI v2.0: Certificate Revocation Support. The Globus package is interesting for several reasons. First, they use X509 certificates as part of the grid infrastructure (important for Miser), and they seem to have an approach for revocation lists. Apache Week. Using Certificate Revocation Lists. Here's an article on how CRLs can be managed on an Apache server. References Related to Certificate Revocation. Here is a terrific list of references on certificate revocation and related protocols. NetworkComputing: Certificate Revocation - When Not To Trust. I am running into difficulties checking for revocation of certificates and I can't tell whether it is because of my firewall or because revocation servers are actually unavailable! I'm researching the situation. 2003-11-23Principles of Distributed Database Systems, Second Edition. Here is a site providing notes and teaching information on ed.2 of Principles of Distributed Database Systems by Özsu and Valduriez. Mariposa: A New Approach to Distributed Data. This system became "historical" and it is not clear what happened with it. There was the promise of extreme scalability, and it would be useful to see how it happened. The objectives are ones that would make a system with persistent objects drool.
|