Another year, another dive into what’s changed in running a web server. This VM is now basically up-to-date, and supports most of the shiny new web transport improvements, like HTTP/2 and OCSP stapling. Hopefully nothing broke too badly in the process.
I’ve been reading through Bertrand Russell recently, and found one particularly resonant thought in his discussion on creed.
Prosperity is generally admitted in the West to be the best preventive of Communist fanaticism, but no one seems to draw the conclusion that it would be a good thing if Russia were prosperous. Trade across the Iron Curtain ought to be encouraged. Everything possible should be done to turn the attention of Russians to the internal development of their own country. [New hopes for a changing world. Pg 124]
It seems that there are many instances in the world today where the same advice can be applied. The use of economic sanctions seems to reliably result in more and continued conflict.
I’ve begun to transition this site to use Lets Encrypt! for signing of SSL. Because the site has specified an HPKP previously, a transition period is needed where clients can see the old certification signing the intention to transition to the new certification.
That process has started, and the full transition will happen in a couple months. The good news is that the letsencrypt setup process was otherwise painless.
Having spent the last few days at CCCamp, I am incredibly jealous of the community that exists in Germany. cbase, the physical center of the community, has existed for 20 years, and has created a really powerful movement. One of the aspects of the berlin free software community is the tight connection between technologists and artists that exists there. From this event my take away is that tech can and does create culture, and that one of the most important things we can do is foster that community and make it ours.
I’ve updated this domain to include the new HPKP mechanism and a stronger intermediate cert. HPKP supplements the previous HSTS mechanism to define a specific signing key that must be present on subsequent HTTPS interactions with the server, helping to mitigate one class of man in the middle attacks.
WordPress is now configured to my liking, which has taken a turn to the minimalistic.
Some additional work may eventually go into making the comments fit better into the rest of the theme, and making some of the sidebar features fit in more naturally. Otherwise though I’m really happy with how it came out.
The next step will be to setup a google wave plugin that synchronizes posts between the two systems, because that would be cool.
In real life, it’s winter break. One more semester until I finish college. Some amount of neurosing over what to do with my life. But pretty happy overall.