>SBCL derives most of its code from CMU CL, created at Carnegie Mellon University. Radical changes have been made to some parts of the system (particularly bootstrapping) but many fundamentals (like the mapping of Lisp abstractions onto the underlying hardware, the basic architecture of the compiler, and much of the runtime support code) are only slightly changed. Enough changes have been made to the interface and architecture that calling the new system CMU Common Lisp would cause confusion - the world does not need multiple incompatible systems named CMU CL. But it's appropriate to acknowledge the descent from the CMU hackers (and post-CMU CMU CL hackers) who did most of the heavy lifting to make the system work. So the system is named Steel Bank after the industries where Andrew Carnegie and Andrew Mellon, respectively, made the big bucks.
Yes, good catch — that repo is currently private while we prepare it for public release.
Current status: we’re actively preparing `hibana-quic` for publication, and it is already passing interop tests with neqo.
Please wait a little longer for the public release. Thanks for your patience.
... It's a shirtless man hugging the waist of another shirtless man. The cover art doesn't even have any text on it, but instead is just a picture of a couple of shirtless dudes in an incredibly weird pose. Yeah, I'm sure lots of fathers find themselves in scenes just like this. Totes normal.
"Not every picture of two men is sexual."
Yes, no shit. Of course on HN someone would try this morally righteous horseshit, especially hilarious when it's served with a side of "Duh, of course!"
But you know what the picture represents because you were quite literally told how to interpret it. I don't want some picture I didn't ask for suddenly appearing on my lock screen (because most of us actually had empty libraries, so when this "gift" was added and the device did its fun "autoplay" nonsense, it would suddenly be active media), walking around saying to anyone who might catch site "Oh don't worry, it's an artistic image of a father protecting his son or something"
I wasn't told how to interpret it, I saw an unusual picture and, where you apparently jumped the conclusion that it was two men that were obviously about to have sex and that it would be a scandalous statement on your own sexuality if anyone were to see you with that picture, I chose to look up what the explanation was. I can only imagine how much you must clutch your pearls when naval aviators play volleyball together in the movies.
Then you detail how you had to look up how to interpret this. Amazing stuff. Like, do you realize you just destroyed your own nonsense? Doing the "Duh, obviously" bit and then saying "this picture was so weird I had to be told what it meant" is quite the self-own.
"where you apparently jumped the conclusion that it was two men that were obviously about to have sex "
Save this boorish troll Reddit righteous-brigading garbage from HN. How isn't your garbage post far in the negatives?
Yes, you're so enlightened and better than thou. Howler.
It's an extremely odd picture to be on one's homescreen. Some people have their dog, some their wife, and then Bob here, he has two strange shirtless men in an extremely odd pose. Not even any normal album cover text to make it clear it's an album cover. Just a picture of two shirtless men.
No, I'm not saying "it's obviously a father and a son", I'm saying "it's not obviously sexual or gay and it's weird that you were so concerned about that interpretation that you were embarrassed about it". I didn't immediately know it was his son and represented innocence. I did immediately know that it was probably not something sexual, and I went looking for an answer instead of panicking about anyone seeing me looking at it.
For a guy who complains about reddit so much, you sure seem intent on having a deliberately obtuse reddit-style "gotcha" argument. I'm not really here for that. I hope you remain safe from phone images that scandalize you and those around you.
In this vastly unlikely passive aggressive hypothetical scenario, you're imagining that a random person who might see your screen would be as triggered by the image as you were. Most people had figured out by then that two men together are no more offensive or evil than a man and a woman.
>when attempts were made to push through security-enhancing changes to the Web PKI, CAs would push back on the grounds that there'd be collateral damage to non-Web-PKI use cases
Do you (or anyone else) have an example of this happening?
After the WebPKI banned the issuance of new SHA-1 certificates due to the risk of collisions, several major payment processors (Worldpay[1], First Data[2], TSYS[3]) demanded to get more SHA-1 certificates because their customers had credit card terminals that did not support SHA-2 certificates.
They launched a gross pressure campaign, trotting out "small businesses" and charity events that would lose money unless SHA-1 certificates were allowed. Of course, these payment processors did billions in revenue per year and had years to ship out new credit card terminals. And small organizations could have and would have just gotten a $10 Square reader at the nearest UPS store if their credit card terminals stopped working, which is what the legacy payment processors were truly scared of.
The pressure was so strong that the browser vendors ended up allowing Symantec to intentionally violate the Baseline Requirements and issue SHA-1 certificates to these payment processors. Ever since, there has been a very strong desire to get use cases like this out of the WebPKI and onto private PKI where they belong.
A clientAuth EKU is the strongest indicator possible that a certificate is not intended for use by browsers, so allowing them is entirely downside for browser users. I feel bad for the clientAuth use cases where a public PKI is useful and which aren't causing any trouble (such as XMPP) but this is ultimately a very tiny use case, and a world where browsers prioritize the security of ordinary Web users is much better than the bad old days when the business interests of CAs and their large enterprise customers dominated.
But this has nothing to do with clientAuth as in this case the payment processor uses a server certificate and terminal connect to the payment processor, not the other way around. So this change would not have prevented this and I don't see what browsers can do to prevent it - after all, the exact same situation would have happened if the payment processors used a HTTPS-based protocol.
Yeah, the more I think about it the more futile this effort starts to look. The industry is investing tons of resources into building and maintaining an open, highly secure PKI ecosystem which allows any server on the public internet to cryptographically prove its identity, and Google wants to try to prevent anyone who's not a web browser from relying on that ecosystem? Seems impossible. The incentives are far too strong.
Google is hoping that after this change other TLS clients will go off and build their own PKI entirely separate from the web PKI, but in reality that would take way too much redundant effort when the web PKI already does 99% of what they want. What will actually happen is clients that want to use web certs for client authentication will just start ignoring the value of the extendedKeyUsage extension. The OP says Prosody already does. I don't see how that's an improvement to the status quo.
The hard links are to the most recent backup before the one happening now in the script, so that you aren't storing full copies of files that haven't changed between backups.
This seems like a good place to ask: I have a memory of a longer story along very similar lines. Maps are made that are increasingly larger, but in the version I'm remembering the maps are in a room of a palace or something?
>SBCL derives most of its code from CMU CL, created at Carnegie Mellon University. Radical changes have been made to some parts of the system (particularly bootstrapping) but many fundamentals (like the mapping of Lisp abstractions onto the underlying hardware, the basic architecture of the compiler, and much of the runtime support code) are only slightly changed. Enough changes have been made to the interface and architecture that calling the new system CMU Common Lisp would cause confusion - the world does not need multiple incompatible systems named CMU CL. But it's appropriate to acknowledge the descent from the CMU hackers (and post-CMU CMU CL hackers) who did most of the heavy lifting to make the system work. So the system is named Steel Bank after the industries where Andrew Carnegie and Andrew Mellon, respectively, made the big bucks.
reply