Comment The CA should be able to revoke (Score 1) 97
You cannot rely on DNS as controlled by the Subject only. The Issuer should be able to revoke a certificate and it does not control the corresponding DNS.
Comment s/iu/ui/ (Score 2, Informative) 133
Yeah, I know, dutch double vowels are confusing...
Comment Safety? (Score 1) 150
Never knew they took safety with them.
Comment Re:Here's why (Score 1) 220
Their inventory consists mostly of blackberries.
And PlayBooks!
Comment Re:TERRIBLE writeup (Score 1) 220
Hey, this is slashdot, where submitter don't read the original article, editors don't read the submission and posters... well, they just post and don't read anything at all. Might as well skip linking to any article at all.
Comment Late April fool's joke? (Score 0) 339
Dunno if I should laugh or cry
Comment Re:Good news!? (Score 1) 132
... and to promote that technology is cool, let's call in the help of the most uncool person in the world: QE II.
Comment Re:Some improvements (Score 1) 592
Turbo C? Wordstar key bindings? You must be kidding. This veteran learned editing over a modem line using ex(1) or vi(1). Most of the time, I used ex(1) because the load on the VAX made vi(1) too slow.
Comment Re:Subjective summary is subjective (Score 1) 191
The advogato [post is outdated. Since them quite a few things changed. Look at the code and the manual page:
ntpd uses the adjtime(2) system call to correct the local system time without causing time jumps. Adjustments of 32ms and greater are logged using syslog(3). The threshold value is chosen to avoid having local clock drift thrash the log files. Should ntpd be started with the -d or -v option, all calls to adjtime(2) will be logged. After the local clock is synchronized, ntpd adjusts the clock frequency using the adjfreq(2) system call to compensate for systematic drift.
Again, for the majority of use cases, OpenNTPD does achieve an accuracy that's good enough and even better than that.
ntpd uses the adjtime(2) system call to correct the local system time without causing time jumps. Adjustments of 32ms and greater are logged using syslog(3). The threshold value is chosen to avoid having local clock drift thrash the log files. Should ntpd be started with the -d or -v option, all calls to adjtime(2) will be logged. After the local clock is synchronized, ntpd adjusts the clock frequency using the adjfreq(2) system call to compensate for systematic drift.
Again, for the majority of use cases, OpenNTPD does achieve an accuracy that's good enough and even better than that.
Comment Re:Subjective summary is subjective (Score 1) 191
Wrong again. It does do clock slowing or speeding up. Both to get the clock right and to compute a persistent clock frequency adjustment.
It does NOT just set the clock.
I don't know which version on what platform you were testing. Maybe your port was terribly done. But on OpenBSD it works like a charm for almost any purpose.
Comment Re:Subjective summary is subjective (Score 3, Informative) 191
Not true. It is simple, but it does slewing and rules out bad servers etc.
Comment Re:SFTP improvements (Score 1) 127
One typical use would be where you want people to use sftp, but do not want to give them shell access, any shell for that matter.
Comment Re:SFTP improvements (Score 1) 127
Oops. You're right. Still tab completion in te FA is about tab completion in interactive sftp sessions.
Comment Re:SFTP improvements (Score 1) 127
We're talking about the base openssh code here, not what some distro added to it.
Comment Re:New, Problematic Protocol Introduced (Score 2, Interesting) 127
The OpenSSH developers do not trust any X.509 code. The actual X.509 validation and trust decision mechanisms are pretty horiffic, and I'm glad they stayed away from that.
You don't have to throw away your X.509 certs, you can keep using them for other purposes.
