[DRAFT] Ghetto Guide to CMS

*and by "ghetto", I mean "extremely applied". Basically, it's just interpretive labor on RFC 5652: Cryptographic Message Syntax and RFC 5280: X.509. P.S. CMS is way more technically elegant than PGP. I dare you to read the RFC and compare. Firstly: the "root object" that you'll be shitting nakedly into a binary (or ASCII-armored) file that sits in the filesystem or gets otherwise transferred is a ContentInfo data stream. …

Python: Using XOFs for general-purpose Random

As always, one's own stack overflow answers make the best blog posts. In this case, we craft a version of random.Random with a few modifications: Pulls its data from an arbitrary stream (in our case, a DRBG such as a hash function or deterministic CSPRNG) Is slightly more efficient at generating random integers Has fixed code for .shuffle, on the offchance CPython ever changes theirs, and to make it work …

WordPress: Restrict MathJax to a class

I write on a variety of topics, only some of which it's appropriate to have mathematical typesetting for. To avoid triggering a math rendering engine on unrelated use of $spurious dollar signs$, while activating it when $\text{necessary}\wedge\text{appropriate}$, I decided to restrict them to only elements with .language-mathjax. Here's how that's done: MathJax = { tex: { inlineMath: [ ['$', '$'] ] }, startup: { elements: ['.language-mathjax'] } }; I …

Getting OpenNIC to work with pfSense

If you're using an alternate DNS root server such as OpenNIC, and your network uses a pfSense-based router, you may find that clients are, strangely, unable to resolve unofficial TLDs, getting SERVFAIL or NXDOMAIN. There are 3 ways I can think of to quickly solve this problem for the whole network, listed here in increasing order of complication: 1. Disable the DNS resolver Go to Services > DNS Resolver …

Mandates ARE laws…

I've seen some people online saying variations on “[COVID-19 quarantine] mandates aren't laws! know your rights! [state] legislature didn't sign off on this!” However, these people are usually incorrect. I'll be compiling examples in this post, more to come if I feel like it, starting out with representative examples from each quadrant of the U.S.: AL Code § 22-2-2 (6) [archived] CA HSC § 120130 (c) and (d), and …

[WIP] Namecheap let's encrypt

First, go to cPanel's SSL/TLS, Private Keys, View. Note the ID of your TLS key; copy it to your clipboard or something. (Be careful not to grab any extraneous spaces or anything; triple-clicking to select the whole line did work for me, but just be sure you're paying attention.) Then, go to cPanel's Terminal and execute the following commands: mkdir -p ~/virtualenv /opt/alt/python37/bin/python3 -m venv ~/virtualenv/simp_le bash . ~/virtualenv/simp_le/bin/activate …