y.st./compiled/en/weblog/2015/03-March/17.xhtml

<?xml version="1.0" encoding="utf-8"?>
<!--
                                                                                     
 h       t     t                ::       /     /                     t             / 
 h       t     t                ::      //    //                     t            // 
 h     ttttt ttttt ppppp sssss         //    //  y   y       sssss ttttt         //  
 hhhh    t     t   p   p s            //    //   y   y       s       t          //   
 h  hh   t     t   ppppp sssss       //    //    yyyyy       sssss   t         //    
 h   h   t     t   p         s  ::   /     /         y  ..       s   t    ..   /     
 h   h   t     t   p     sssss  ::   /     /     yyyyy  ..   sssss   t    ..   /     
                                                                                     
	<https://y.st./>
	Copyright © 2015 Alex Yst <mailto:copyright@y.st>

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see <https://www.gnu.org./licenses/>.
-->
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<base href="https://y.st./en/weblog/2015/03-March/17.xhtml" />
		<title>A mistake made and a plan to sign Web pages &lt;https://y.st./en/weblog/2015/03-March/17.xhtml&gt;</title>
		<link rel="icon" type="image/png" href="/link/CC_BY-SA_4.0/y.st./icon.png" />
		<link rel="stylesheet" type="text/css" href="/link/basic.css" />
		<link rel="stylesheet" type="text/css" href="/link/site-specific.css" />
		<script type="text/javascript" src="/script/javascript.js" />
		<meta name="viewport" content="width=device-width" />
	</head>
	<body>
		<nav>
			<p>
				<a href="/en/">Home</a> |
				<a href="/en/a/about.xhtml">About</a> |
				<a href="/en/a/contact.xhtml">Contact</a> |
				<a href="/a/canary.txt">Canary</a> |
				<a href="/en/URI_research/"><abbr title="Uniform Resource Identifier">URI</abbr> research</a> |
				<a href="/en/opinion/">Opinions</a> |
				<a href="/en/coursework/">Coursework</a> |
				<a href="/en/law/">Law</a> |
				<a href="/en/a/links.xhtml">Links</a> |
				<a href="/en/weblog/2015/03-March/17.xhtml.asc">{this page}.asc</a>
			</p>
			<hr/>
			<p>
				Weblog index:
				<a href="/en/weblog/"><abbr title="American Standard Code for Information Interchange">ASCII</abbr> calendars</a> |
				<a href="/en/weblog/index_ol_ascending.xhtml">Ascending list</a> |
				<a href="/en/weblog/index_ol_descending.xhtml">Descending list</a>
			</p>
			<hr/>
			<p>
				Jump to entry:
				<a href="/en/weblog/2015/03-March/07.xhtml">&lt;&lt;First</a>
				<a rel="prev" href="/en/weblog/2015/03-March/16.xhtml">&lt;Previous</a>
				<a rel="next" href="/en/weblog/2015/03-March/18.xhtml">Next&gt;</a>
				<a href="/en/weblog/latest.xhtml">Latest&gt;&gt;</a>
			</p>
			<hr/>
		</nav>
		<header>
			<h1>A mistake made and a plan to sign Web pages</h1>
			<p>Day 00010: Tuesday, 2015 March 17</p>
		</header>
</p>
	It seems it was Jenny, not misted__, that <a href="/en/weblog/2015/03-March/17.xhtml">showed me the <abbr title="PHP: Hypertext Preprocessor">PHP</abbr> functions on Sunday</a>.
	I have apologized, as well as added acknowledgement of the mistake to the correct weblog entry.
</p>
</p>
	I got distracted yesterday by research on canaries and forgot to mention that my <code>y.st.</code> hostmask was approved on <a href="ircs://irc.volatile.club:6697/">Volatile</a>, so when I am logged in, I look like I&apos;m coming from my domain despite the fact that I&apos;m actually coming from the <abbr title="The Onion Router">Tor</abbr> network.
</p>
</p>
	I decided to maybe add an automatic canary updater to my website&apos;s update script, though I don&apos;t know how that will be compatible with the decision to translate the update script to <abbr title="PHP: Hypertext Preprocessor">PHP</abbr>.
	Once I find the time to set this up, I&apos;ll know more.
	To insure that failing to update the canary is entirely passive (as to avoid breaking the law), I&apos;ll add a <code>--canary</code> or <code>--chirp</code> command line flag, and if not included when running the script, it simply won&apos;t update the canary.
	In order for the canary to not disappear from the site when not updated, it will likely need to have a separate compile directory that compiles it into the static files directory before doing anything else.
	Because automating the canary update process will require finding a way to <abbr title="Pretty Good Privacy">PGP</abbr> sign from within <abbr title="PHP: Hypertext Preprocessor">PHP</abbr>, I might as well sign all my pages at that time.
	It seems that there is no way to include the <code>-----BEGIN PGP SIGNED MESSAGE-----</code>, <code>-----BEGIN PGP SIGNATURE-----</code>, or <code>-----END PGP SIGNATURE-----</code> lines in <abbr title="Extensible Hypertext Markup Language">XHTML</abbr> comments and still have the page validate.
	This means that parts of the page will have to be outside the signed part of the page, which is unfortunate.
	I will likely sign only the content of <code>&lt;body/&gt;</code>.
</p>
</p>
	According to the <a href="https://canarywatch.org/faq.html">Canary Watch frequently-asked questions page</a>, the government allows an entity to disclose approved ranges of gag orders they have been served over six-month periods.
	These ranges are all ranges of one thousand and start at zero, for example, 0 - 999.
	You can guarantee that if I start posting a range of the number of gag orders I have received, that I have received at least one.
	This is because as long as I am not bound by one of these gag orders, I am free to ignore the ranges and admit that I have received exactly zero of them.
	The power to issue these gag orders has been abused by the government for a while now, and <a href="https://www.eff.org/issues/national-security-letters">the <abbr title="Electronic Frontier Foundation">EFF</abbr> is trying to raise awareness of it</a>.
</p>
</p>
	It seems <a href="https://gnso.icann.org/mailing-lists/archives/whois-tf2-report-comments/pdf00001.pdf">the <abbr title="Electronic Frontier Foundation">EFF</abbr> is concerned about the privacy implications of whois records in <abbr title="Domain Name System">DNS</abbr></a>.
	I&apos;m in total agreement, domain names should be allowed to be registered anonymously without need of a proxy (such as a whois privacy service).
</p>
</p>
	It has been brought to my attention that Iceweasel blocks Web browsing on port 22 as well as other ports.
	I forget who showed me this, as I didn&apos;t write this entry until a couple days after I should have.
	I think it was mistedwind, but that&apos;s not important.
	I&apos;m not sure what the goal in doing this way, but supposedly, it&apos;s somehow for security.
</p>
</p>
	My last comment of the day is that I need to remember to stand up for everyone&apos;s rights, not just my own.
	I made a comment online about how I would be fine only being able to receive calls over <abbr title="Session Initiation Protocol">SIP</abbr> at my home server, as I never make any calls myself.
	Mistedwind reminded me that some people want to place calls from servers at their home addresses, and they have just as much right to place calls from home servers as I do to receive them from a home server.
	This was selfish of me, and I need to be more mindful of others in the future.
</p>
</p>
	My <a href="/a/canary.txt">canary</a> sings freely today, signafying that I am still not under a gag order.
</p>
		<hr/>
		<p>
			Copyright © 2015 Alex Yst;
			You may modify and/or redistribute this document under the terms of the <a rel="license" href="/license/gpl-3.0-standalone.xhtml"><abbr title="GNU&apos;s Not Unix">GNU</abbr> <abbr title="General Public License version Three or later">GPLv3+</abbr></a>.
			If for some reason you would prefer to modify and/or distribute this document under other free copyleft terms, please ask me via email.
			My address is in the source comments near the top of this document.
			This license also applies to embedded content such as images.
			For more information on that, see <a href="/en/a/licensing.xhtml">licensing</a>.
		</p>
		<p>
			<abbr title="World Wide Web Consortium">W3C</abbr> standards are important.
			This document conforms to the <a href="https://validator.w3.org./nu/?doc=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2015%2F03-March%2F17.xhtml"><abbr title="Extensible Hypertext Markup Language">XHTML</abbr> 5.1</a> specification and uses style sheets that conform to the <a href="http://jigsaw.w3.org./css-validator/validator?uri=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2015%2F03-March%2F17.xhtml"><abbr title="Cascading Style Sheets">CSS</abbr>3</a> specification.
		</p>
	</body>
</html>