Aaron Parecki

Emelia 👸🏻 https://hachyderm.io/@thisismissem • May 16
@aaronpk am I understanding that in order to use FedCM the RP must perform dynamic client registration with the IdP? I'm unsure of how the `client_id` comes to exist for the RP and not really getting it for the first-sign-in flow?

I just saw your comment on FedCM #585. Since you're diving into the depths of Mastodon OAuth already I'd love to talk about how we can better align IndieAuth OAuth and Mastodon OAuth!

Portland, Oregon • 63°F

1 reply

Thu, May 16, 2024 11:22am -07:00 #585
Emelia 👸🏻 https://hachyderm.io/@thisismissem • May 16
@aaronpk am I understanding that in order to use FedCM the RP must perform dynamic client registration with the IdP? I'm unsure of how the `client_id` comes to exist for the RP and not really getting it for the first-sign-in flow?

It has nothing to do with FedCM actually. In IndieAuth we avoid client registration entirely by using URLs as client identifiers. So the client already knows its client ID, and uses the same client ID at every authorization server it talks to. It's also a natural fit for FedCM since you can use `window.location.origin` for it in the JS call.

Portland, Oregon • 63°F

1 reply

Thu, May 16, 2024 11:15am -07:00
KimberlyHirsh https://micro.blog/KimberlyHirsh • May 15
@aaronpk This is great advice but anyone who tried it for me would be sorely disappointed by the extreme lack of refund.

I have bad news, they just make up whatever numbers they want so that it comes out to getting a refund on your behalf 🙃

Portland, Oregon • 52°F

Wed, May 15, 2024 6:09am -07:00
https://berlin.social/@ir/112438489029794850

Thanks! There's currently no browser API that guarantees the use of secure-element-stored private keys. The best we get now is non-exportable. There's a mention of that here https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.4.2.2 But as discussed, even hardware-backed keys don't prevent an attacker from starting their own flow in the browser with their own keys.

Portland, Oregon • 47°F

Tue, May 14, 2024 5:32am -07:00
https://mapstodon.space/@arferrand/112438539249720831

Thanks! Mostly I'm doing German so I don't completely forget everything I learned in school.

Portland, Oregon • 47°F

Tue, May 14, 2024 5:29am -07:00
Royce Williams https://infosec.exchange/@tychotithonus • May 14
@aaronpk Legit impressive.

I've been looking forward to this day for a long time

Portland, Oregon • 60°F

1 like

Mon, May 13, 2024 9:05pm -07:00
daniel:// stenberg:// https://mastodon.social/@bagder • Apr 15
Support for RFC 9421 - HTTP Message Signatures in #curl ?
https://github.com/curl/curl/discussions/13376

Yes please! Like TLS, HTTP Signatures should be baked into the HTTP client, not something people have to write at the application layer. This will make it much more accessible!

Portland, Oregon • 42°F

2 likes

Sun, Apr 21, 2024 7:35am -07:00
Eric Likness https://mastodon.online/@carpetbomberz • Apr 21
@aaronpk Must an IP68 rating. One positive side effect of not being easy to repair (full water sealing).

These are second gen which aren't even advertised as "water resistant" unlike the 3rd gen!

Portland, Oregon • 42°F

1 like

Sun, Apr 21, 2024 7:31am -07:00
JohnPhilpin https://micro.blog/JohnPhilpin • Apr 21
@aaronpk and did they survive?

they did! they're not even advertised as water resistant, and the pods fell out of the case too!

Portland, Oregon • 42°F

Sun, Apr 21, 2024 7:30am -07:00
Aaron Parecki https://aaronparecki.com/ • Apr 20
oh no, it finally happened. I left my AirPods in a pocket and they went through the washer and dryer 😱

what the heck, they still work???

Portland, Oregon • 52°F

4 likes 5 replies

Sat, Apr 20, 2024 7:58pm -07:00
Aaron Parecki https://aaronparecki.com/ • Apr 13

at Prima Vista Lounge

Not super impressed with the vegetarian breakfast options here. There's eggs and falafel, but the pancakes are way too sweet. There were only two kinds of cheeses. All the pastries, including the croissants, are smothered in sugar.

Fiumicino, Lazio, ITA • 61°F

Sat, Apr 13, 2024 8:24am +02:00
Jeremy Cherfas https://stream.jeremycherfas.net/profile/jeremy • Apr 10
Wait, what? You’re in Rome?

Yes! Here for an OAuth event!

Roma, Lazio • 60°F

1 reply

Wed, Apr 10, 2024 9:33am +02:00
Evan Prodromou https://cosocial.ca/@evan • Apr 8
@aaronpk so, how did it go?

I made it! Got a peek at the eclipse on the SkyTrain, found a spot in the airport lounge by a window to sit while the shadow came over us, then got back on the train to catch the tail end and made it to the gate right when we were boarding!

American Airlines Flight 240 DFW to FCO in Dallas, Texas • 78°F

1 like

Mon, Apr 8, 2024 3:13pm -05:00
Julio 🏳️‍🌈 🇨🇺 🇪🇸 🇺🇸 https://c.im/@Blanco • Apr 8
@aaronpk Sorry, but extra sleep???

haha I wish! No instead I still got up at 4am but instead of going to the airport and getting breakfast in the lounge, I spent an hour on the phone rebooking the flight

American Airlines Flight 2216 PDX to DFW in Portland, Oregon • 43°F

1 like 1 reply

Mon, Apr 8, 2024 7:03am -07:00
Evan Prodromou https://cosocial.ca/@evan • Apr 8
@aaronpk nooooooooo

I rebooked on an Alaska flight and it looks like we are about to take off! Hopefully I still make it to Dallas in time for the eclipse! 🤞

American Airlines Flight 2216 PDX to DFW in Portland, Oregon • 43°F

1 like 1 reply

Mon, Apr 8, 2024 7:00am -07:00
Kevin Marks https://xoxo.zone/@KevinMarks • Mar 23
@aaronpk does this mean that one of your flights is flying through totality?

Nope! Weirdly I land right as it starts, and I'll be in the airport directly under the path of totality, then getting on the next flight right as it's ending!

Portland, Oregon • 56°F

Fri, Mar 22, 2024 5:32pm -07:00
Aaron Parecki https://aaronparecki.com/ • Mar 20
By complete accident, my layover at DFW next month is 100% within the window of the total solar eclipse! 😮

I'm going to have to bring a bunch of extra eclipse glasses and hand them out to people on the plane 😂

Portland, Oregon, USA • 54°F

1 like

Wed, Mar 20, 2024 1:35pm -07:00
Philip Borenstein https://mastodon.social/@pborenstein • Mar 12
@zachleat White Coat Captioning does the live captions for #WriteTheDocs
Here's a video of how it's done
https://www.youtube.com/watch?v=74D61IulEy0

hey cool I filmed that video! Here's a video of how it's done https://www.youtube.com/watch?v=6lIbph7EhK0

Portland, Oregon, USA

1 like

Wed, Mar 13, 2024 9:57am -07:00
Matt Haughey 🦣 https://xoxo.zone/@mathowie • Mar 13
@aaronpk I was just repeating something I've heard in lots of tech circles, people really love the 100M line because it means you no longer have to care or even be that careful with your money. I know people with 20M that live like retirees and shop at goodwill, afraid they'd ever touch their principal

when I was 10, my goal was $1 million because interest rates were like 6-8% then, and I was like hey I can live on $5000/month from interest alone!

Portland, Oregon • 42°F

1 like

Wed, Mar 13, 2024 9:49am -07:00
Matt Haughey 🦣 https://xoxo.zone/@mathowie • Mar 13
I wrote about billionaires. I didn’t mention how there are no ethical billionaires and I neglected to include a recipe for preparing them with carrots and onions and a nice gravy.
But I did cover just how wildly wealthy a very small number of Americans are, how raising their income tax would barely affect them, and why we should do it immediately.
https://a.wholelottanothing.org/american-billionaires-are-a-policy-failure/

Is it bad that my takeaway from this was "$100 million seems like a good goal"

Portland, Oregon, USA

5 likes 1 reply

Wed, Mar 13, 2024 9:24am -07:00

older

Aaron Parecki

at Prima Vista Lounge