Missed that. Thank you!
The parent comment is wondering about the structure of the signature and if different curve parameters can be specified for it. How can explicit curve parameters be specified in an ECDSA signature? ecdsaWithSHA256, at…
From the post: "For example, one customer told us that they plan to create hundreds of VPCs, each hosting and providing a single microservice" At first glance, that sounds pretty neat, but looking at VPC pricing shows…
Gotcha. On the ingest front, do you have any numbers around that? I see some benchmarks that focus on other (important) aspects like QPS but didn't catch anything on ingest.
Say I'm using ELK for log aggregation. Would Vespa be a good replacement? One pain point is ingest rate. How many "average" log lines per second can Vespa do per node?
In our case, the appliance usually can access the internet, possibly through a proxy, but it's not accessible from the internet.
I recently read about how Plex got trusted SSL certificates for all their users in partnership with DigiCert, and was really curious if a similar scheme could be accomplished with Let's Encrypt. The scheme required…
You raise some good points, like the kubelet killing off pods in hopes of getting a new pod with juicier secrets associated with it, but nevertheless the ticket mentioned by the sibling comment…
There's still rooted node / kubelet access control to worry about, which does not look to be a problem with Docker. (https://github.com/kubernetes/kubernetes/issues/40476)
I agree. I also care more about access control than encryption. But if you obtain a kubelet's credentials, you can read all secrets. It would be nice if a kubelet's access was restricted to only what the kubelet needs…
It's not so much the plain text part that bothers me, it's the access control. Quoting the docs at https://kubernetes.io/docs/user-guide/secrets/#security-prop...: "Currently, anyone with root on any node can read any…
ExtraHop Networks - Seattle Give us packets, get IT and business insight. Like systems-level programming? C, Go, Python? Let's talk! ben@extrahop.com
Glad the conditional/ternary operator's atypical associativity is documented now...
ExtraHop Networks. Seattle, WA. jobs+hn@extrahop.com Deep L7 protocol analysis at scale.
I'd have assumed this was Sipser's book as well, except that I was recently at a university bookstore and saw the third edition of his book priced at over $200. Sipser's a great writer, but that's an outrageous price.…
spu? :)
For the "catrank" case, could you use std::str::raw::from_utf8 to skip the utf-8 validity check?
Seattle, WA - ExtraHop Networks - http://www.extrahop.com/jobs From packets to perspicacity. If you want to work at a company with a strong engineering team, founded and run by engineers, send us an email:…
ST2's first public alpha release was in January 2011 and there was an update about every two weeks. Six months later, July 2011, the first Beta was released and Jon Skinner said there would be monthly updates now that…
Nice. It looks like beginning and end of string anchors are included by default. Is there any way to turn that off?
Curious how it compares with SCTP over DTLS over UDP (which WebRTC uses).
I wonder if it is still too soon to start seeing the worst failure cases given the age of the drives. I am curious why RAID6 is (still) used given its poor behavior in failure conditions. I am guessing that Backblaze is…
Congratulations, and thank you for sharing your experience.
His resources will grow exponentially!
Don't leave us hanging :) What was the problem?
Missed that. Thank you!
The parent comment is wondering about the structure of the signature and if different curve parameters can be specified for it. How can explicit curve parameters be specified in an ECDSA signature? ecdsaWithSHA256, at…
From the post: "For example, one customer told us that they plan to create hundreds of VPCs, each hosting and providing a single microservice" At first glance, that sounds pretty neat, but looking at VPC pricing shows…
Gotcha. On the ingest front, do you have any numbers around that? I see some benchmarks that focus on other (important) aspects like QPS but didn't catch anything on ingest.
Say I'm using ELK for log aggregation. Would Vespa be a good replacement? One pain point is ingest rate. How many "average" log lines per second can Vespa do per node?
In our case, the appliance usually can access the internet, possibly through a proxy, but it's not accessible from the internet.
I recently read about how Plex got trusted SSL certificates for all their users in partnership with DigiCert, and was really curious if a similar scheme could be accomplished with Let's Encrypt. The scheme required…
You raise some good points, like the kubelet killing off pods in hopes of getting a new pod with juicier secrets associated with it, but nevertheless the ticket mentioned by the sibling comment…
There's still rooted node / kubelet access control to worry about, which does not look to be a problem with Docker. (https://github.com/kubernetes/kubernetes/issues/40476)
I agree. I also care more about access control than encryption. But if you obtain a kubelet's credentials, you can read all secrets. It would be nice if a kubelet's access was restricted to only what the kubelet needs…
It's not so much the plain text part that bothers me, it's the access control. Quoting the docs at https://kubernetes.io/docs/user-guide/secrets/#security-prop...: "Currently, anyone with root on any node can read any…
ExtraHop Networks - Seattle Give us packets, get IT and business insight. Like systems-level programming? C, Go, Python? Let's talk! ben@extrahop.com
Glad the conditional/ternary operator's atypical associativity is documented now...
ExtraHop Networks. Seattle, WA. jobs+hn@extrahop.com Deep L7 protocol analysis at scale.
I'd have assumed this was Sipser's book as well, except that I was recently at a university bookstore and saw the third edition of his book priced at over $200. Sipser's a great writer, but that's an outrageous price.…
spu? :)
For the "catrank" case, could you use std::str::raw::from_utf8 to skip the utf-8 validity check?
Seattle, WA - ExtraHop Networks - http://www.extrahop.com/jobs From packets to perspicacity. If you want to work at a company with a strong engineering team, founded and run by engineers, send us an email:…
ST2's first public alpha release was in January 2011 and there was an update about every two weeks. Six months later, July 2011, the first Beta was released and Jon Skinner said there would be monthly updates now that…
Nice. It looks like beginning and end of string anchors are included by default. Is there any way to turn that off?
Curious how it compares with SCTP over DTLS over UDP (which WebRTC uses).
I wonder if it is still too soon to start seeing the worst failure cases given the age of the drives. I am curious why RAID6 is (still) used given its poor behavior in failure conditions. I am guessing that Backblaze is…
Congratulations, and thank you for sharing your experience.
His resources will grow exponentially!
Don't leave us hanging :) What was the problem?