> So I did the hipster thing and implemented Noise.
> [...]
> Out of laziness, we kept the Noise stuff, which means the interface to tkdb is now HTTP/Noise.
Yikes, I wager it was more difficult to get this thing working than HTTPS because they surely have an existing solution for nearly everything else. It smells more like a developer being reluctant to delete their own code. There's an unaudited cryptography stack in their authentication path.
You are not your code.
One might assume the cryptographic code was somewhat audited by Thomas Ptacek.
I wasn’t super interested in the topic but enjoyed the style of writing and completed the article.
I learned a few things I hadn’t planned on learning :)
I assume the token gets its name from figure one in this paper: https://www.ndss-symposium.org/wp-content/uploads/2017/09/04...
Which angers me, because that's a macaron, not a macaroon.
Reminds me of the time I suggested to my cousin's new girlfriend (gentile) that she bring macaroons (a standard kosher-for-Passover dessert) to our Passover seder and instead she brought macarons (delicious but not kosher for Passover). We all had a laugh.