Justin Richer
@justin.richer.org
Security architect, musician, author, game designer, and otherwise boring guy. Opinions are not facts.
Reposted by Justin Richer
Merriam-Webster’s human editors have chosen ‘slop’ as the 2025 Word of the Year.
December 15, 2025 at 2:07 PM
Merriam-Webster’s human editors have chosen ‘slop’ as the 2025 Word of the Year.
A new small update to mkjwk.org, thanks to some folks from the community. A couple small bugs were fixed, plus you can now copy and save a key configuration as a URL that you can pass around. This doesn't copy your key values, but it does set all the generator's parameters.
mkjwk - JSON Web Key Generator
mkjwk.org
December 12, 2025 at 8:56 PM
A new small update to mkjwk.org, thanks to some folks from the community. A couple small bugs were fixed, plus you can now copy and save a key configuration as a URL that you can pass around. This doesn't copy your key values, but it does set all the generator's parameters.
Reposted by Justin Richer
All righty, we got the all clear this time.
Follow Dan as he explores the "cost" of a Desert Bus:
Follow Dan as he explores the "cost" of a Desert Bus:
What's the "Cost" of a Desert Bus?
YouTube video by Folding Ideas
www.youtube.com
December 5, 2025 at 3:11 AM
All righty, we got the all clear this time.
Follow Dan as he explores the "cost" of a Desert Bus:
Follow Dan as he explores the "cost" of a Desert Bus:
Wooo, I won some dice! Maybe I'll try that dungeons and dragons thing I keep hearing about.
Donation Drive!
The epic Big Bag O' Dice could be yours! There are full sets and duck dice
$6.15/multiples thereof for the next 48 minutes!
desertbus.org/donate
#DB2025
The epic Big Bag O' Dice could be yours! There are full sets and duck dice
$6.15/multiples thereof for the next 48 minutes!
desertbus.org/donate
#DB2025
The Big Bag O' Dice
A embroidered Crown Royale bag loaded with dice! Its exactly what it seems like! This year's version contains a Die that hold other dice! A bag of dice with a dice holder! We have dice with ducks i...
desertbus.org
November 16, 2025 at 1:54 PM
Wooo, I won some dice! Maybe I'll try that dungeons and dragons thing I keep hearing about.
Reposted by Justin Richer
"There's a there there." #ietf124
Lots of enthusiasm and positivity (and advice from experienced folks) for forming an #atproto WG at @ietf.org
We had 130 people on the stream and a very active chat.
Great job @bnewbold.net and @dholms.xyz and everyone else.
Thank you all for showing up! 👏
Lots of enthusiasm and positivity (and advice from experienced folks) for forming an #atproto WG at @ietf.org
We had 130 people on the stream and a very active chat.
Great job @bnewbold.net and @dholms.xyz and everyone else.
Thank you all for showing up! 👏
November 5, 2025 at 4:29 PM
"There's a there there." #ietf124
Lots of enthusiasm and positivity (and advice from experienced folks) for forming an #atproto WG at @ietf.org
We had 130 people on the stream and a very active chat.
Great job @bnewbold.net and @dholms.xyz and everyone else.
Thank you all for showing up! 👏
Lots of enthusiasm and positivity (and advice from experienced folks) for forming an #atproto WG at @ietf.org
We had 130 people on the stream and a very active chat.
Great job @bnewbold.net and @dholms.xyz and everyone else.
Thank you all for showing up! 👏
Reposted by Justin Richer
How do you end up confused and wildly variable about your disposition towards a President... in their second term?
Come on brah
Brah ur killin me here
Ur killin us
Come on brah
Brah ur killin me here
Ur killin us
November 4, 2025 at 1:48 AM
How do you end up confused and wildly variable about your disposition towards a President... in their second term?
Come on brah
Brah ur killin me here
Ur killin us
Come on brah
Brah ur killin me here
Ur killin us
Reposted by Justin Richer
Thousands of years before Jimmy Kimmel and Stephen Colbert got under President Trump's skin, ancient Greek and Roman poets and philosophers paid a heavy price for displeasing heads of state.
What Kimmel and Colbert can learn from ancient comedians who ticked off their leaders
Thousands of years before Jimmy Kimmel and Stephen Colbert got under President Trump's skin, ancient Greek and Roman poets and philosophers paid a heavy price for displeasing heads of state.
n.pr
September 25, 2025 at 11:50 AM
Thousands of years before Jimmy Kimmel and Stephen Colbert got under President Trump's skin, ancient Greek and Roman poets and philosophers paid a heavy price for displeasing heads of state.
Dear literally every company but mostly Zoom right now: I do not want your AI chatbot, and I especially do not want it taking up 1/3 of my window space to the detriment of everything I use your app for. I don't want tips for icebreakers, I want to have my meeting.
August 19, 2025 at 6:31 PM
Dear literally every company but mostly Zoom right now: I do not want your AI chatbot, and I especially do not want it taking up 1/3 of my window space to the detriment of everything I use your app for. I don't want tips for icebreakers, I want to have my meeting.
Reposted by Justin Richer
Reposted by Justin Richer
Freedom from kings.
Freedom from fascism.
Power to the people forever. ♥️
Happy Independence Day 🇺🇸
Freedom from fascism.
Power to the people forever. ♥️
Happy Independence Day 🇺🇸
July 4, 2025 at 9:20 PM
Freedom from kings.
Freedom from fascism.
Power to the people forever. ♥️
Happy Independence Day 🇺🇸
Freedom from fascism.
Power to the people forever. ♥️
Happy Independence Day 🇺🇸
Reposted by Justin Richer
Can’t make this up.
July 4, 2025 at 7:15 PM
Can’t make this up.
Reposted by Justin Richer
This must end now!
Everyone needs to hit the streets and fight back ✊
It’s only going to get worse 🤬
Everyone needs to hit the streets and fight back ✊
It’s only going to get worse 🤬
July 3, 2025 at 1:19 AM
This must end now!
Everyone needs to hit the streets and fight back ✊
It’s only going to get worse 🤬
Everyone needs to hit the streets and fight back ✊
It’s only going to get worse 🤬
Welp, don't think this is going to be very useful.
July 2, 2025 at 8:36 PM
Welp, don't think this is going to be very useful.
Reposted by Justin Richer
The year is 2025. There is a nationwide recall on rice, one of the most popular commodities on Earth. You grab your phone and click a link to learn more. Your risk will be revealed after you endure 479 HTTP transactions loaded from 126 IP addresses homed in 8 countries landing 207 cookies.
June 28, 2025 at 12:48 PM
The year is 2025. There is a nationwide recall on rice, one of the most popular commodities on Earth. You grab your phone and click a link to learn more. Your risk will be revealed after you endure 479 HTTP transactions loaded from 126 IP addresses homed in 8 countries landing 207 cookies.
I'm going to start saying that MCP stands for "MCP Common Proxy", following the great tradition of GNU and WINE.
June 5, 2025 at 3:56 PM
I'm going to start saying that MCP stands for "MCP Common Proxy", following the great tradition of GNU and WINE.
Reposted by Justin Richer
I just released a new version of my HTTP Signatures library for Java, which fixed up a couple small bugs and added the core test cases from the RFC:
central.sonatype.com/artifact/io....
central.sonatype.com/artifact/io....
Maven Central: io.bspk:httpsig:1.0.0
Discover httpsig in the io.bspk namespace. Explore metadata, contributors, the Maven POM file, and more.
central.sonatype.com
May 21, 2025 at 6:56 PM
I just released a new version of my HTTP Signatures library for Java, which fixed up a couple small bugs and added the core test cases from the RFC:
central.sonatype.com/artifact/io....
central.sonatype.com/artifact/io....
Defining security for MCP has been raising a lot of questions and discussions, and I think one of the most important ones is clarity around how the two sides of the MCP proxy relate from a security perspective.
justinsecurity.medium.com/tangled-toke...
justinsecurity.medium.com/tangled-toke...
Tangled Tokens and Authorized Agents
Right now, many folks are excited about the prospect of agentic AI: intelligent computer systems that can access your stuff and do useful…
justinsecurity.medium.com
May 15, 2025 at 8:32 PM
Defining security for MCP has been raising a lot of questions and discussions, and I think one of the most important ones is clarity around how the two sides of the MCP proxy relate from a security perspective.
justinsecurity.medium.com/tangled-toke...
justinsecurity.medium.com/tangled-toke...
Reposted by Justin Richer
Which federal crime did the President commit with this statement?
Was it 26 usc 7217, which prohibits the President or his aides from directing any tax enforcement action?
Or was it 26 usc 6103, which prohibits any government official from disclosing an ongoing tax proceeding?
Maybe both!
Was it 26 usc 7217, which prohibits the President or his aides from directing any tax enforcement action?
Or was it 26 usc 6103, which prohibits any government official from disclosing an ongoing tax proceeding?
Maybe both!
May 2, 2025 at 11:39 AM
Which federal crime did the President commit with this statement?
Was it 26 usc 7217, which prohibits the President or his aides from directing any tax enforcement action?
Or was it 26 usc 6103, which prohibits any government official from disclosing an ongoing tax proceeding?
Maybe both!
Was it 26 usc 7217, which prohibits the President or his aides from directing any tax enforcement action?
Or was it 26 usc 6103, which prohibits any government official from disclosing an ongoing tax proceeding?
Maybe both!
At this point, "it's not clear if they have the authority" simply means "they're going to do it and see if anyone stops them"
It is not clear that the president has the authority to make such orders to CPB under the law.
From @davidfolkenflik.bsky.social
From @davidfolkenflik.bsky.social
Trump says he's ending federal funding for NPR and PBS. They say he can't
In an executive order, President Trump directs the Corporation for Public Broadcasting to stop funding NPR and PBS. They say he can't. PBS chief Paula Kerger calls it "blatantly unlawful".
www.npr.org
May 2, 2025 at 4:43 PM
At this point, "it's not clear if they have the authority" simply means "they're going to do it and see if anyone stops them"
Reposted by Justin Richer
I'm excited to share that the GNAP Resource Servers RFC is now final! RFC9767 is available online. This represents the culmination of years of great work. A huge thanks to everyone who helped!
www.rfc-editor.org/rfc/rfc9767....
www.rfc-editor.org/rfc/rfc9767....
RFC 9767: Grant Negotiation and Authorization Protocol Resource Server Connections
The Grant Negotiation and Authorization Protocol (GNAP) defines a mechanism for delegating authorization to a piece of
software (the client) and conveying the results and artifacts of that delegation
...
www.rfc-editor.org
April 23, 2025 at 8:57 PM
I'm excited to share that the GNAP Resource Servers RFC is now final! RFC9767 is available online. This represents the culmination of years of great work. A huge thanks to everyone who helped!
www.rfc-editor.org/rfc/rfc9767....
www.rfc-editor.org/rfc/rfc9767....
Reposted by Justin Richer
The end is nigh
top sign of an incoming recession: there's Dunkins closing in Boston.
April 18, 2025 at 2:51 PM
The end is nigh