September 13, 2020
On September 1st, 2020, the maximum lifetime of TLS certificates signed by Public Certificate Authority got reduced to 13 months. How did we arrive here, and what’s to come? Let’s start from understanding who decides the maximum lifetime of certificates and many other limitations around them.
Who decides the TLS certificate guidelines Ultimately, the client (often a browser or an operating system) identifies the certificate as trustable or not (based on the CA that signed it as well as many other parameters), so the client can decide which parameters to look for and which values are acceptable and which are not.Read More
August 20, 2020
This year I managed to partecipate to KubeCon + CloudNativeCon Europe 2020. As you can imagine, the conference did not happen in real life, but it was converted to an online conference. More virtual conferences I attend to, more I understand the limits and the advantages of them compared to real conferences. In this particular conference, I realized that one of the biggest problems I have with virtual conferences is that, during the conference, the conference events and talks add to your usual events and meetings, making it impossible to follow all events you wanted to follow.Read More
August 10, 2020
This year Flock did not happen due to COVID-19, and in its place, Fedora Nest happened. After many events I’ve seen going virtual in the last few months, I was skeptical. I was yet to see an acceptable online platform to run events. I was wrong on the platform. Fedora Nest used Hopin, which is by far the best platform for events I’ve seen so far. Don’t get your expectations too high, though, because when I say the best one I’ve seen so far, only means that it is usable, and it does not mean in any way that is on par of real conferences.Read More
July 19, 2020
Today I did a big update to this website. The goal of today’s update is the removal of Disqus. I have decided to remove Disqus more than a year ago, with the decision to remove all cookies from this website. The plan was to remove both Google Analytics and Disqus since those were the only two reasons this website was distributing cookies. I removed Google Analytics in June 2019, and now I’ve removed Disqus, so this goal has now been achieved.Read More
June 25, 2020
In the last couple of months, we have seen a lot of news around ARM. More specifically, the most relevant ones, in my opinion, are (sorted by date):
On May 11, AWS announced the availability of new instance types (M6g, C6g, R6g) based on Graviton2, a new version of their in-house developed ARM processor On June 17, Ampere announced a 128 core ARM processor that will be added to their current line (that includes 32, 48, 64, 72, 80 cores ARM CPUs) On June 22, was made public that Fugaku, an ARM-based supercomputer, is the most potent publicly disclosed supercomputer On June 22, Apple announced that Macs will move to ARM Those pieces of news demonstrate how much the processors' landscape is changing, and how fast the rate of change is.Read More
May 25, 2020
As it is becoming a sort of tradition, here we are, after two years from the enactment of GDPR to see how it performs in the real world.
In our previous yearly check, we analyzed the situation from two points of view: the banners and the fines. Let’s see how those two topics have evolved in the last year.
The Cookie Banners On the 1st of October 2019, with the judgment in case C-673/17, the European Union Court of Justice clarified that pre-ticketed consent checkboxes are not sufficient since the consent has to be expressed actively by the user.Read More
April 15, 2020
Yesterday, a controversial proposal got posted in the Fedora Devel mailing list: enable systemd-resolved by default. I see this change favorably since I already enabled it a few weeks ago, and I find it a very sensible option.
First, I have to admit that I see systemd and its mission of standardizing the core of the Linux user-space very favorably. At the current level of evolution of Linux, over time, this standardization and consistency will pay off much more than other alternatives.Read More
March 1, 2020
Google Cloud provides the capability of terminating a VPN connection with a VPN Gateway. The problem is that the VPN Gateway - at the moment - is relatively limited in capabilities. One of the missing capabilities I would have liked to see implemented is the NAT capability.
VPNs can be used to connect the machines of two different parties. Although this is usually not the best architectural pattern, since a connection on the public internet encrypted at the Transport Layer is often a better option, it’s relatively common in more legacy environments.Read More
February 2, 2020 - Bruxelles, BE
This year, as it has happened for the last few years, I’ve been at FOSDEM. As always, I’ve enjoyed it a lot, and that’s why I continue to go there, and every time I have to suggest other people which events to attend in Europe, I always mention FOSDEM as the main event.
I think it’s fascinating to see how room sizes and crowdedness of the rooms changes over time. Years ago, the container-related rooms (containers, container security, Go) were relatively small, but already crowded, and over the years, the rooms got bigger and bigger.Read More
January 27, 2020 - Brno, CZ
As it happened at other times in my life, I managed to be present at DevConf. DevConf is one of the best conferences that I attend. The reasons are many and varied, starting from the location that I find relatively stress-free. Another reason is the fact that there are many different kinds of sessions, and many sessions are not overcrowded, so it is relatively simple to participate in any session you would like to.Read More