UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. In creating my blog I wanted to be able to go beyond plain text entries but avoid having to hand-code HTML. I looked at various schemes for marking up plain text to indicate the presence of links, ordered and unordered lists, preformatted text, etc. In particular I was familar with Textile and Pod from having used them in my Blosxom annotations project. (I didn’t look at all of these, but some other entrants in the “plain text markup” space include ReStructured Text, Texturize, and the various implementations of text markup for Wikis.) ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. I’ve been investigating using the Blosxom weblog application for my personal blog, and felt disadvantaged by my lack of knowledge of Perl (the language in which Blosxom was written). I began making detailed notes while I was reading through the Blosxom code (blosxom.cgi); my note taking quickly got out of hand, and here are the results, for anyone who’s interested: ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. If you’d like to receive full-text articles from this site as they are published, you can subcribe to one or more of the following feeds, in the formats indicated; simply cut and paste the URLs into your feed reader of choice. The Atom feeds are preferred; I maintain the RSS feeds only for older news aggregators that are not yet Atom-enabled. ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. In using Markdown I found one problem, one I’m surprised hasn’t been reported before. (I looked through the Markdown mailing list archive briefly, but didn’t see anything on this; perhaps people consider the current behavior a feature, not a bug?) I make extensive (really, almost exclusive) use of reference-style links, and noticed problems when I word-wrapped my paragraphs, so that the resulting text looked something like the following: ...

I have published a new draft 5 of the proposed Mozilla CA certificate policy. For detailed line-by-line changes from the previous draft please see my posting in the netscape.public.mozilla.crypto newsgroup (aka the mozilla-crypto mailing list). (Note that I have not yet updated the accompanying FAQ, but will try to do so in the next few days. Unfortunately for various reasons I will have less free time during the holiday season than I would normally, so I can’t commit to getting this done right away.) ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. The basic principles I tried to follow in creating the this site were as follows: The site should be entirely text-based, with minimal or no use of graphics. All web pages on the site should validate as HTML 4.01 Strict. All web pages on the site should be accessible using URIs that hide the details of the particular content type or page generation mechanism associated with the page. The site should be a transparent upgrade from my previous site (created a few years ago), so that all previous URLs should continue to work. The following sections expand on these points: ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. This site is a mixture of static content and dynamic content served through the Blosxom blogging system. I use various URI rewriting rules and a number of Blosxom plugins (some slightly hacked) in order to implement the site according to my personal design philosophy. Overall implementation As mentioned above, my site is (for the most part) powered either directly or indirectly by Blosxom. I use three different approaches to serving site content: ...

I’ve been working on the Mozilla CA certificate policy for some time now. I’ve created a “metapolicy” to help guide how the final policy should look. Note that the metapolicy doesn’t address any of the truly hard issues, like how to evaluate Certificate Authorities that haven’t undergone WebTrust audits or other independent audits. That will have to wait for future work (and time for me to do it). In the meantime I’ve been following a simple interim policy, one that is basically equivalent to Microsoft’s policy: I’m approving CAs that have successfully passed a WebTrust for CAs audit, or an audit that (in my judgement) is “WebTrust equivalent.”

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. Here I document the way in which I use URI rewriting (along with redirection and a couple of Blosxom plugins) to help implement my personal design philosophy for my web site. My goal is to create a unified URI space within which static and dynamic content can transparently co-exist, with publicly-visible URIs for human-readable content (i.e., HTML pages) having a canonical form that omits file extensions or other content type specifiers. ...

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest. As noted in my discussion of URI rewriting, we can use Apache to enforce canonical URI forms for HTML files and directories, but need to use a plugin to enforce canonical forms for URIs handled by Blosxom. I’ve thus written a new canonicaluri plugin that checks to see whether the requested URI is in the canonical form for the type of page being requested, and if necessary does a browser redirect to the canonical form of the URI. ...