Lake Bohinj, Triglav NP. Ribčev Laz, Slovenia. July 18, 2016.

EDNS, pf, and IPv4+6 Packet fragmentation

Alternatively: what the fuck is this "No response was received until the UDP payload size was decreased" thing all about?! Read More ›

CSP Nonces in Nginx

The easy way. Not at all lazy and kind of broken. Read More ›

Real men log in as root

Oops, that account should not be enabled Read More ›

Authority, but not for Certificates

Governments should not be running our online security. We should be. Read More ›

Let's Encrypt with acme.sh, bind, and zone-signing

A quick overview of how to get Let's Encrypt validation working using just acme.sh and bind. No terrible certbot or manual interventions needed. Read More ›