Miek Gieben
@miek.mastodon.cloud.ap.brid.gy
[email protected] - DNS, LEGO and Gopher
[bridged from https://mastodon.cloud/@miek on the fediverse by https://fed.brid.gy/ ]
[bridged from https://mastodon.cloud/@miek on the fediverse by https://fed.brid.gy/ ]
Wake me up when I can run a database in Kubernetes
November 14, 2025 at 3:01 PM
Wake me up when I can run a database in Kubernetes
didn't know the Go std lib, uses x-packages
"golang.org/x/net/dns/dnsmessage"
seems weird
"golang.org/x/net/dns/dnsmessage"
seems weird
November 14, 2025 at 8:14 AM
didn't know the Go std lib, uses x-packages
"golang.org/x/net/dns/dnsmessage"
seems weird
"golang.org/x/net/dns/dnsmessage"
seems weird
IETF's errata page should warn that the text you errate(?) against has seen several centi-threads of discussions
Better yet, rfc should just link to the relevant email discussion in each paragraph
Better yet, rfc should just link to the relevant email discussion in each paragraph
November 13, 2025 at 3:50 PM
IETF's errata page should warn that the text you errate(?) against has seen several centi-threads of discussions
Better yet, rfc should just link to the relevant email discussion in each paragraph
Better yet, rfc should just link to the relevant email discussion in each paragraph
TIL git ls-remote
and this is how to check out a pull request from codeberg.org
codebergpr = "!f() { pr=$(basename $1); git fetch origin refs/pull/$pr/head:pr-$pr && git checkout pr-$pr; }; f"
#git
and this is how to check out a pull request from codeberg.org
codebergpr = "!f() { pr=$(basename $1); git fetch origin refs/pull/$pr/head:pr-$pr && git checkout pr-$pr; }; f"
#git
November 13, 2025 at 6:12 AM
TIL git ls-remote
and this is how to check out a pull request from codeberg.org
codebergpr = "!f() { pr=$(basename $1); git fetch origin refs/pull/$pr/head:pr-$pr && git checkout pr-$pr; }; f"
#git
and this is how to check out a pull request from codeberg.org
codebergpr = "!f() { pr=$(basename $1); git fetch origin refs/pull/$pr/head:pr-$pr && git checkout pr-$pr; }; f"
#git
Reposted by Miek Gieben
🔍 / #software / #python / #golang
Go for Python Programmers
This book is intended to provide a solid introduction to the Go language for experienced Python programmers.
🐱🔗 https://laravista.altervista.org/CatLink/links/440
#catlink #softwarepython #softwarepythongolang
Go for Python Programmers
This book is intended to provide a solid introduction to the Go language for experienced Python programmers.
🐱🔗 https://laravista.altervista.org/CatLink/links/440
#catlink #softwarepython #softwarepythongolang
Go for Python Programmers
This book is intended to provide a solid introduction to the Go language for experienced Python programmers.
laravista.altervista.org
November 12, 2025 at 8:06 PM
🔍 / #software / #python / #golang
Go for Python Programmers
This book is intended to provide a solid introduction to the Go language for experienced Python programmers.
🐱🔗 https://laravista.altervista.org/CatLink/links/440
#catlink #softwarepython #softwarepythongolang
Go for Python Programmers
This book is intended to provide a solid introduction to the Go language for experienced Python programmers.
🐱🔗 https://laravista.altervista.org/CatLink/links/440
#catlink #softwarepython #softwarepythongolang
If you say have a giant caddy proxy in front of websites that does TLS and proxying. What protocol do you use for communicating with the backend website. Also https or plain http, ipsec or other tunneling?
November 12, 2025 at 2:07 PM
If you say have a giant caddy proxy in front of websites that does TLS and proxying. What protocol do you use for communicating with the backend website. Also https or plain http, ipsec or other tunneling?
fucking brilliant
https://github.com/coredns/coredns/commit/deae7ec3455ec11fc4ddf89f868507f562cc40d3
#go #dns
Ported: https://codeberg.org/miekg/dns/pulls/398
(one of the reason I wanted Sort in the main lib - faster for all consumers)
https://github.com/coredns/coredns/commit/deae7ec3455ec11fc4ddf89f868507f562cc40d3
#go #dns
Ported: https://codeberg.org/miekg/dns/pulls/398
(one of the reason I wanted Sort in the main lib - faster for all consumers)
Performance tuning for plugin/file (#7658) · coredns/coredns@deae7ec
* plugin/file: improve performance of function tree.less(..) PrevLabel always begins its iteration from the tail of domain name. less(..) loop can improve its performance by calling PrevLabel star...
github.com
November 12, 2025 at 1:39 PM
fucking brilliant
https://github.com/coredns/coredns/commit/deae7ec3455ec11fc4ddf89f868507f562cc40d3
#go #dns
Ported: https://codeberg.org/miekg/dns/pulls/398
(one of the reason I wanted Sort in the main lib - faster for all consumers)
https://github.com/coredns/coredns/commit/deae7ec3455ec11fc4ddf89f868507f562cc40d3
#go #dns
Ported: https://codeberg.org/miekg/dns/pulls/398
(one of the reason I wanted Sort in the main lib - faster for all consumers)
Ok, submitted erata for rfc 8765, didn't prose new text, was more of a what the fuck were you thinking
(and some factual errors). We'll see where this ends
(and some factual errors). We'll see where this ends
November 12, 2025 at 9:34 AM
Ok, submitted erata for rfc 8765, didn't prose new text, was more of a what the fuck were you thinking
(and some factual errors). We'll see where this ends
(and some factual errors). We'll see where this ends
Let there be the CAA record https://datatracker.ietf.org/doc/html/rfc8659 and to make it easier it will have free-form text, so typos will impact your security as $DEITY intended!
(Just had 'issuer' instead 'issue' and shit broke)
#dns #go
(Just had 'issuer' instead 'issue' and shit broke)
#dns #go
RFC 8659: DNS Certification Authority Authorization (CAA) Resource Record
The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain name. CAA Resource Records allow a public CA to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by CAs. This document obsoletes RFC 6844.
datatracker.ietf.org
November 11, 2025 at 12:25 PM
Let there be the CAA record https://datatracker.ietf.org/doc/html/rfc8659 and to make it easier it will have free-form text, so typos will impact your security as $DEITY intended!
(Just had 'issuer' instead 'issue' and shit broke)
#dns #go
(Just had 'issuer' instead 'issue' and shit broke)
#dns #go
I looked at ruby before Go was a thing, and they had like 5 stable versions going at that time (2011?). I immediately gave up. Also didn't feel like a proper departure from Perl (and C)
Luckily Go showed up a year later
Luckily Go showed up a year later
November 11, 2025 at 6:50 AM
I looked at ruby before Go was a thing, and they had like 5 stable versions going at that time (2011?). I immediately gave up. Also didn't feel like a proper departure from Perl (and C)
Luckily Go showed up a year later
Luckily Go showed up a year later
dso - dns stateful operations - there more I look the worse it gets. RFC 8765...
https://datatracker.ietf.org/doc/html/rfc8765#name-push-message-2
what if we don't use normal RRs, but instead make the RR the rdata of the tlv-shit we just invented?
The list of RRs (from 1035!) that are […]
https://datatracker.ietf.org/doc/html/rfc8765#name-push-message-2
what if we don't use normal RRs, but instead make the RR the rdata of the tlv-shit we just invented?
The list of RRs (from 1035!) that are […]
Original post on mastodon.cloud
mastodon.cloud
November 10, 2025 at 1:36 PM
dso - dns stateful operations - there more I look the worse it gets. RFC 8765...
https://datatracker.ietf.org/doc/html/rfc8765#name-push-message-2
what if we don't use normal RRs, but instead make the RR the rdata of the tlv-shit we just invented?
The list of RRs (from 1035!) that are […]
https://datatracker.ietf.org/doc/html/rfc8765#name-push-message-2
what if we don't use normal RRs, but instead make the RR the rdata of the tlv-shit we just invented?
The list of RRs (from 1035!) that are […]
Reposted by Miek Gieben
Reposted by Miek Gieben
This article explains how Musk’s ridiculous pay is tied to achieving various benchmarks for Tesla.
So even more so than before, Musk’s money is tied to Tesla.
If Tesla does badly, Musk is hurt.
You know what to do, world.
The shareholders brought this on themselves. #TeslaTakedown
So even more so than before, Musk’s money is tied to Tesla.
If Tesla does badly, Musk is hurt.
You know what to do, world.
The shareholders brought this on themselves. #TeslaTakedown
Tesla says shareholders approve Musk's $1 trillion pay plan with over 75% voting in favor
Tesla shareholders approved CEO Elon Musk's historic pay package at the company's annual shareholders meeting in Austin, Texas.
www.cnbc.com
November 8, 2025 at 7:46 PM
This article explains how Musk’s ridiculous pay is tied to achieving various benchmarks for Tesla.
So even more so than before, Musk’s money is tied to Tesla.
If Tesla does badly, Musk is hurt.
You know what to do, world.
The shareholders brought this on themselves. #TeslaTakedown
So even more so than before, Musk’s money is tied to Tesla.
If Tesla does badly, Musk is hurt.
You know what to do, world.
The shareholders brought this on themselves. #TeslaTakedown
New Komoot app. Some things aren't loading anymore... Enshitification has begon.... Shit now what. GDPR to get data out en then....?
November 8, 2025 at 11:21 AM
New Komoot app. Some things aren't loading anymore... Enshitification has begon.... Shit now what. GDPR to get data out en then....?
Big groups, small groups, it doesn't matter, DNS sucks for all
November 6, 2025 at 8:19 PM
Big groups, small groups, it doesn't matter, DNS sucks for all
I don't think nsec3 hashing ever worked properly in miekg/dnsv1... which has been around for 15+ years, but noone noticed or used that functionality...
November 6, 2025 at 3:25 PM
I don't think nsec3 hashing ever worked properly in miekg/dnsv1... which has been around for 15+ years, but noone noticed or used that functionality...
I appreciate the foresight of the NSEC3 folks (RFC 5155) to make it impossible to upgrade the hashing algorithm thereby guaranteeing the record is almost obsolete. This should be done to more records.
Here's a toast to getting rid of the dumbest idea to hit DNSSEC!
(other hits include […]
Here's a toast to getting rid of the dumbest idea to hit DNSSEC!
(other hits include […]
Original post on mastodon.cloud
mastodon.cloud
November 6, 2025 at 3:05 PM
I appreciate the foresight of the NSEC3 folks (RFC 5155) to make it impossible to upgrade the hashing algorithm thereby guaranteeing the record is almost obsolete. This should be done to more records.
Here's a toast to getting rid of the dumbest idea to hit DNSSEC!
(other hits include […]
Here's a toast to getting rid of the dumbest idea to hit DNSSEC!
(other hits include […]
hmmm, dnsviz is not happy, but when replying myself it looks OK..?
https://dnsviz.net/d/pietje.miek.cncz.nl/dnssec/
https://dnsviz.net/d/pietje.miek.cncz.nl/dnssec/
pietje.miek.cncz.nl | DNSViz
dnsviz.net
November 6, 2025 at 2:27 PM
hmmm, dnsviz is not happy, but when replying myself it looks OK..?
https://dnsviz.net/d/pietje.miek.cncz.nl/dnssec/
https://dnsviz.net/d/pietje.miek.cncz.nl/dnssec/
Go cache in ~/go of 44 GB, docker image shit of 60 GB
wtf
wtf
November 6, 2025 at 1:16 PM
Go cache in ~/go of 44 GB, docker image shit of 60 GB
wtf
wtf
The CA we need to use right now is somewhat braindead... I present the 'yes' handler:
https://codeberg.org/miekg/dns/src/branch/main/cmd/atomdns/handlers/yes/README.md
https://codeberg.org/miekg/dns/src/branch/main/cmd/atomdns/handlers/yes/README.md
dns/cmd/atomdns/handlers/yes/README.md at main
dns - Go DNS library
codeberg.org
November 5, 2025 at 11:36 AM
The CA we need to use right now is somewhat braindead... I present the 'yes' handler:
https://codeberg.org/miekg/dns/src/branch/main/cmd/atomdns/handlers/yes/README.md
https://codeberg.org/miekg/dns/src/branch/main/cmd/atomdns/handlers/yes/README.md