JP Mens @jpmens@mastodon.social
- https://twitter.com/jpmens
- Blog
- https://jpmens.net
Small-scale fiddler, enjoys doing & teaching. Wrote a thick book on FLOSS DNS servers. Dreamed up @OwnTracks over MQTT. Ansible with NOCOWS=1. Loves plain text. I (re-)toot in several languages. https://jpmens.net
Joined Apr 2017
ISC's post detailing what has been / is going on with BIND https://www.isc.org/blogs/bind-update-summer2021/ #dns
How to handle secrets on the command line https://smallstep.com/blog/command-line-secrets/
For the record, my indicating that Knot was not correctly using the SmartCard-HSM in https://jpmens.net/2021/06/04/using-a-smartcard-hsm-for-dnssec-with-bind/ was wrong. I got confused and mixed up drivers. I’ve amended the blogticle as well as the issue I opened at @KnotDNS #apologies
What happens when you register a domain name? https://www.afnic.fr/en/observatory-and-resources/expert-papers/what-happens-when-you-register-a-domain-name/ Nice writeup by Stéphane Bortzmeyer of AFNIC
A diagram to depict the DNSSEC chain of trust https://jpmens.net/2021/06/09/visualizing-the-dnssec-chain-of-trust/
Join @cstrotm on June 16 for ISC's next Practical BIND 9 Management webinar: Dynamic zones covering TSIG, updating ACLs with "grant," and catalog zones with a hands-on demo.
https://www.isc.org/blogs/bind-management-webinar-series-2021/
JP Mens
boosted
Falls jemand von euch mit DNS und BIND zu tun hat: In einer Woche, 2021-06-16, gibt es den fünften und letzten Teil einer Webinarreihe zu BIND9. Organisiert von isc.org, gehalten von @cstrotm. Im letzten Teil geht es um fortgeschrittene Dinge rund um dynamische Zones. Teilnahme kostet euch nichts, außer einer Stunde Zeit. Und wenn ihr die anderen vier Teile verpasst habt: gibt's als Aufzeichnung zum Nachschauen. Alles. was ihr wissen müsst, findet ihr hier: https://www.isc.org/blogs/bind-management-webinar-series-2021/ #bind #bind9
JP Mens
boosted
Oh, and if you don't know how a domain name registry works, you can start with this simple article https://www.afnic.fr/en/observatory-and-resources/expert-papers/what-happens-when-you-register-a-domain-name/
Mucking about with openssl.cnf on OpenBSD (6.9) and can't for the life of me get engine support configured in.
Until I notice (and then remember) it's not OpenSSL but LibreSSL.
# halt
Althttpd is a simple webserver that has run the https://sqlite.org/ website since 2004. Althttpd strives for simplicity, security, and low resource usage. https://sqlite.org/althttpd/doc/trunk/althttpd.md (src code: https://sqlite.org/althttpd/file?name=althttpd.c)
JP Mens
boosted
Minisign, by @jedisct1, is a dead simple tool to sign files and verify signatures; it is portable, lightweight, and uses Ed25519 public key signatures https://jedisct1.github.io/minisign/
OK, this amuses me: RFC 69
Using a SmartCard HSM for DNSSEC with BIND, Knot DNS, and LDNS/NSD https://jpmens.net/2021/06/04/using-a-smartcard-hsm-for-dnssec-with-bind/
To the day nine years ago I wrote the first of several-to-come blogticles on the then radically new configuration management system called Ansible.
https://jpmens.net/2012/06/06/configuration-management-with-ansible/
JP Mens
boosted
Thank you, @mwlucas, for “TLS Mastery” which just arrived in time for the weekend. It’s been en-route for a while, and while several customs agents have may read it, there are no visible coffee stains on the book. https://www.tiltedwindmillpress.com/product/tls/
with the blue colour being the ... wait for it! ... link ... to the DNSKEY in the child?
(no need for applause; just throw money)
- https://twitter.com/jpmens
- Blog
- https://jpmens.net
Small-scale fiddler, enjoys doing & teaching. Wrote a thick book on FLOSS DNS servers. Dreamed up @OwnTracks over MQTT. Ansible with NOCOWS=1. Loves plain text. I (re-)toot in several languages. https://jpmens.net
Joined Apr 2017
Server run by the main developers of the project 
It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!