XMPP Service Operators - 2021-06-09


  1. qy

    Anhydrous: still cant believe you like mastodon

  2. rob

    The software or activity pub based social media in general?

  3. moparisthebest

    qy, do you not like mastodon

  4. qy

    Fediverse generally. I love the protocol, i just dont like mastodon the software, nor it's devs, nor almost anyone who uses the network

  5. rob

    I use pleroma, not much but it took the place of Twitter

  6. rob

    I don't know how else to find similar people

  7. mike

    Much better to see open source projects using mastodon for their updates than twitter etc. Even comes with an RSS feed for free.

  8. qy

    Definitely

  9. qy

    I do prefer it to twitter

  10. qy

    I just still dont enjoy it, per se

  11. mike

    I've been running an instance for about 4 years now, so I guess I'm into it.

  12. rob

    Ya I definately don't enjoy it, I don't really know what to use it for

  13. rob

    I think I'm just not huge into social media generally. But peer or interest groups I like

  14. qy

    Dont worry, pretty sure that makes you one of the sane ones

  15. Anhydrous

    qy: who said I like mastodon?

  16. qy

    > Anhydrous wrote: > 4223: !!! Very nice

  17. Anhydrous

    Very nice regarding push notifications, and a open presence on the fediverse

  18. qy

    O

  19. 4223

    Anhydrous: 👍

  20. Anhydrous

    4223: right back at ya

  21. thndrbvr

    FWIW, there are "Groups" on GNU social and various nodes with their own ecosystems in the fediverse for different topics i.e, mathstodon.xyz or witches.live for mathematics and paganism respectively.

  22. diane

    rob https://mastodon.online/@FediFollows is building a directory of interesting entities on the fediverse

  23. diane

    (they post a one per day, and also have a directory by topic

  24. moparisthebest

    get ready for all letsencrypt certs to be revoked https://community.letsencrypt.org/t/2021-06-08-certificate-lifetime-incident-valid-for-an-extra-one-second/153426 (probably/hopefully not though)

  25. Licaon_Kter

    moparisthebest: we should move to Symantec, amirite?

  26. moparisthebest

    no they have a bug allowing 389 days and 1 second according to that ticket

  27. moparisthebest

    so likely all TLS certs will be revoked, if they decide to apply the rule strictly :)

  28. Licaon_Kter

    That would be a stupid thing. Yes effing clear up the RFC and whatnot, but why bother revoking? What's the _threat model_ now?

  29. moparisthebest

    the revoking talk is because CAB requirements say if you mis-issue a cert, you must revoke it

  30. moparisthebest

    they claimed 90 days, delivered 90 days + 1 second, therefore must revoke

  31. moparisthebest

    I reckon everyone would consider it stupid though

  32. Licaon_Kter

    I understood, it's not human logic though Why do you keep the rules? Is the spirit of the rule applied if you revoke 158000000 certs today?

  33. Licaon_Kter

    I understood, it's not human logic though Why do you keep the rules? Is the spirit of the rule applied if you revoke 158000000 certs today for 1 second?

  34. Licaon_Kter

    Does LE have servers big enough to issue 158000000 certs an hour after the revocation?

  35. Харпер

    Really hope one of the board members or whatever don't turn it into a powerplay

  36. Харпер

    https://letsencrypt.org/2021/02/10/200m-certs-24hrs.html

  37. Licaon_Kter

    I said 1h :)

  38. Menel

    This one second is so stupid. Crazy that people have emergency meetings for that.. I would call.it close enough for the compliance and don't even bother. There is no thread model. I really don't get it

  39. MattJ

    Agreed. Certificate expiry is weird anyway - I'm pretty sure 99% of applications don't close an open connection once the certificate expires

  40. Licaon_Kter

    Also, given certbots reputation of failing to update, every extra second counts :)),