Today I read about IDN homograph attacks. Basically it’s where Unicode characters that look like ASCII characters are put into a link so the link seems to go to a genuine/trusted site. In related news I found a list of confusable characters via stackoverflow. Also found a list of confusable symbols.
Today I learned about Punycode, which is a system for reversibly encoding Unicode in ASCII.
I was doing some research into base conversion and so far have found a function, dec2base, which looks like it might come in handy. There’s an online demo of the function.
I was working on some code the other evening and found myself needing a version of PHP’s bcmod function in JavaScript. It wasn’t already available at jsphp.co so I implemented it and posted about it to the ProgClub programming list.
Found a helpful article today, The Most Common OpenSSL Commands.
The particular command I needed wasn’t listed there though. What I needed to do was examine the contents of my Certificate Revocation List (CRL) certificate. I had a problem connecting to my website because it was complaining about an expired certificate and the culprit was indeed the CRL as I discovered when I ran:
$ openssl crl -inform CER -in ca.crl -text -noout
Sometimes I have a problem where I connect to my server without using a certificate, and then later need to connect using a certificate. But if I’ve already selected not to use a certificate then Firefox doesn’t prompt again so I have been having to restart my browser when that happens, which was a real pain, until now!
To clear your SSL session state in Firefox choose History -> Clear Recent History… and then select “Active Logins” and click “Clear Now”. Then the next time you connect to your SSL server Firefox will prompt for which certificate to use.
Last night I read the Apache URL Rewriting Guide and learned about the ErrorDocument Directive.
Been meaning to get around to reading the OpenID Authentication 2.0 specification.
Been learning how to work with MediaWiki’s sidebar.
Been reading up on software versioning.