I love the quote, "Five hundred kilometres is pretty much as far as a normal person would want to drive in a single day." Oh, man, I've driven further to see a live show, and driven back essentially the next day

Indeed. Aren't things in Australia nearly as spread out as they are here? 300 miles is nothing. 300 miles won't even get you from Las Vegas to San Diego. I've done that as a same-day round trip. I've driven from Las Vegas to Denver in one day. 770 miles makes for a long day behind the wheel, but it's doable. You can cover 600 miles in 8 hours at 75 mph.

Who are these people, that would give a damn about this change?

You don't need an intermediary not-you authority for this job. And in fact, using one can only possibly decrease the security, in the best case scenario. Even the worst most incompetent company in the world, would make a better CA for its internal servers, than the best, most trustworthy public CA.

Whoa there. This was no mere bad judgement call. Having him thrown off the plane was over-the-top malicious, totally beyond what I ever expect from anyone who is "having a bad day." I sincerely believe such a person really shouldn't be in any sort of position where they might have that amount of power over other people.

Put a hundred random people in the same sort of bad-day position, and I don't expect one of them to behave like this one did. This one is truly exceptional, and does not merely "have bad days." This is the kind of person whose news stories are usually headlined something like "gunman kills five then self."

I might be willing to excuse them, if say, their psychiatrist were to explain how this was anomalous for their character and that their medication was defective, or something like that. OTOH that can be handled in their lawsuit against the medication manufacturer, and then this psycho will never need a job where they exercise power over other people again.

I happen to be the executive who works at Southwest and made the decision, upon seeing the tweet, to call the gate and have him kicked off. Please allow me to explain my decision.

I work in the PR department, and managing publicity is my job. When I saw the tweet, I realized it was bad publicity. I don't like my company getting bad publicity, and I seek to avoid it, or replace it with good publicity.

So I threw our tweeting customer off, thereby solving the bad publicity problem! See? Now do you get it?

...

(Why is everyone looking at me like I'm a idiot?)

So my question is: what is holding everyone else back from freeing themselves from contacts and glasses?

I don't need contacts or glasses, you insensitive cl...oh, wait.

No, didn't sound judgmental to me, just wanted to offer my view of how diverse the mores of American Evangelical Fundamentalists can be (my view from having been in a fundamentalist community for a long time).

I think there is a correlation so your expectation is justified, but there are all sorts of surprises from individual sects.

That is very strange, who knows whether it was just childish imagination, doctrine or culture from the home or the church, or what?

..the sale is criminalized in The Netherlands.

My point is that the court's recent decision suggests the above is an outdated, quaint law which no longer reflects the society that The People wish to have, nor which reflects the new way of thinking about reponsibility and the relationship between demand and the victimizing acts which serve that demand.

Thus, I'm sure the Dutch people will soon be revising their kiddie porn laws. Huh? Whaddya mean, "no?" Why not? ;-)

Look, just install the telescreens in our homes already.

Be patient. We're still in the voluntary phase of that, right now. If enough people say no to the unauditable smartphones and smart TVs, we can eventually get to compulsory installation, but for right now, what's the hurry? People are doing it without even being told to.

Though we'll face some risks from our own governments, it's a relief to know at the Dutch government would have no problem with me selling kiddie porn (as long as it was made in America) to Dutch citizens. "No crime happened here, within our jurisdiction," they'd say.

In fact, the Dutch government should tolerate our new businesses even more than this NSA thing, since the victims (whereever their rights were violated) won't even be Dutch citizens. No Netherlander will have any reason to say their government let them down.

There are all different flavors of fundamentalists, and while many hold to "conservative dress" as a doctrine, it's definitely not universal. The same goes for the idea of not associating with "non-believers" (bucket group, everyone that does not adhere to the set of beliefs the particular brand of fundamentalism says are required for salvation), some preach that, while others will explicitly preach evangelical immersion (go meet "non-believers" and make them want to convert by being the best friend ever!).

Always nice to hear that social mores around what "racial" couplings are allowed are loosening.

Thanks for the insult. It hardly stung.

Unless you worked at Netscape in the mid-1990s, no insult was intended.

All I meant is that by the very early 1990s, we (and by "we" I mean people smarter than me; I was clueless at the time) had a pretty good idea that CAs wouldn't work well outside of real power hierarchies (e.g. corporate intranets). But then a few years later the web browser people came along and adopted X.509's crap, blowing off the more recent PKI improvements, in spite of the fact that it looked like it wouldn't work well for situations like the WWW.

Unsurprisingly, it didn't work well. Organizing certificate trust differently than how real people handle trust, 1) allows bad CAs to do real damage, and 2) undermines peoples' confidence in the system.

A very nice way of saying this, is that in hindsight, the predicted problems are turning out to be more important than we thought most people would care about. ;-) It's almost as though now (no fair! you changed the requirements!!) people want SSL to be secure.

Keeping the same organization but with new faceless unaccountable trust-em-completely-or-not-at-all root CAs won't fix the problem. Having "root CAs" is the problem, and PRZ solved it, over 20 years ago.

I expect you to start the project shortly.

It's a little late to start, but I do happen to still be running an awful lot of applications (web browser being the most important one) which aren't using it yet.

He was obviously talking about building your own hardware. Did you really think his parts list of "A small controller, an LCD display and a keyboard," was in reference to writing an alternative to OpenBSD?

How does Diffie-Hellman key exchange provide identification of the other party? .. It is not possible to determine who the other party is

It's possible. It requires an extra piece beyond the DH, but that extra piece isn't PKI. The user is the trusted introducer. The user looks around and says "Yep, these are the only two devices physically here that I have ordered to peer, right now." They are identified by being in the right place at the right time, triggered by the user saying "Now." That's a pretty good way to do things unless you're just totally surrounded by spies.

Or, beware your audience. Though on the topic, while it's not the most concise construction, signposting something you find interesting so that the reader pays extra attention (or even just a different kind of attention) to it is certainly common. I don't know if that makes it acceptable, but I tend to think it does.

A thought that made me laugh, how does one say "Patience is a virtue" in the original Klingon?