Aaron Parecki

Sir David Nielsen https://mastodon.social/@DavidNielsen • Jun 5
@aaronpk uh it is made from purest green.

I did add a drop of green food coloring because it looked a bit muddy before 🙃

Portland, Oregon • 62°F

Wed, Jun 5, 2024 10:54am -07:00
Matthias Ott https://mastodon.social/@matthiasott • Jun 5
@aaronpk A bottle a day keeps the doctor away!

Yeah that's pretty much the rate we go thru hot sauce

Portland, Oregon • 57°F

1 like 1 reply

Tue, Jun 4, 2024 9:47pm -07:00
Erlend Sogge Heggen https://writing.exchange/@erlend • May 30
@aaronpk may as well get ahead of it and make OAuth 3.0 now. Sounds like the AI mastermind has already figured out how to make it super duper compliant, like, globally 🫠

Might as well get the AI to write it for me then 😅

Las Vegas, Nevada • 99°F

1 like

Thu, May 30, 2024 5:33pm -07:00
Jason Garber https://mastodon.cc/@jgarber • May 18
@aaronpk I read over your post and a bunch of related links. Really fascinating stuff!
From your post: “All it takes to turn your website into a FedCM-supported site is adding a single `<link>` tag to your home page.”
Can you expand on this? IndieAuth (mostly) requires two `<link>` elements for authorization and token endpoints. What would a singular `<link>` look like in this case?

A few years ago we changed the IndieAuth spec to use a single link tag so that it's easier and also more flexible in the future. This is a good example of taking advantage of that flexibility too. https://indieauth.spec.indieweb.org/#indieauth-server-metadata

Portland, Oregon • 49°F

1 reply

Sat, May 18, 2024 8:03am -07:00
Emelia 👸🏻 https://hachyderm.io/@thisismissem • May 16
@aaronpk am I understanding that in order to use FedCM the RP must perform dynamic client registration with the IdP? I'm unsure of how the `client_id` comes to exist for the RP and not really getting it for the first-sign-in flow?

I just saw your comment on FedCM #585. Since you're diving into the depths of Mastodon OAuth already I'd love to talk about how we can better align IndieAuth OAuth and Mastodon OAuth!

Portland, Oregon • 63°F

1 reply

Thu, May 16, 2024 11:22am -07:00 #585
Emelia 👸🏻 https://hachyderm.io/@thisismissem • May 16
@aaronpk am I understanding that in order to use FedCM the RP must perform dynamic client registration with the IdP? I'm unsure of how the `client_id` comes to exist for the RP and not really getting it for the first-sign-in flow?

It has nothing to do with FedCM actually. In IndieAuth we avoid client registration entirely by using URLs as client identifiers. So the client already knows its client ID, and uses the same client ID at every authorization server it talks to. It's also a natural fit for FedCM since you can use `window.location.origin` for it in the JS call.

Portland, Oregon • 63°F

1 reply

Thu, May 16, 2024 11:15am -07:00
KimberlyHirsh https://micro.blog/KimberlyHirsh • May 15
@aaronpk This is great advice but anyone who tried it for me would be sorely disappointed by the extreme lack of refund.

I have bad news, they just make up whatever numbers they want so that it comes out to getting a refund on your behalf 🙃

Portland, Oregon • 52°F

Wed, May 15, 2024 6:09am -07:00
https://berlin.social/@ir/112438489029794850

Thanks! There's currently no browser API that guarantees the use of secure-element-stored private keys. The best we get now is non-exportable. There's a mention of that here https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.4.2.2 But as discussed, even hardware-backed keys don't prevent an attacker from starting their own flow in the browser with their own keys.

Portland, Oregon • 47°F

Tue, May 14, 2024 5:32am -07:00
https://mapstodon.space/@arferrand/112438539249720831

Thanks! Mostly I'm doing German so I don't completely forget everything I learned in school.

Portland, Oregon • 47°F

Tue, May 14, 2024 5:29am -07:00
Royce Williams https://infosec.exchange/@tychotithonus • May 14
@aaronpk Legit impressive.

I've been looking forward to this day for a long time

Portland, Oregon • 60°F

1 like

Mon, May 13, 2024 9:05pm -07:00
daniel:// stenberg:// https://mastodon.social/@bagder • Apr 15
Support for RFC 9421 - HTTP Message Signatures in #curl ?
https://github.com/curl/curl/discussions/13376

Yes please! Like TLS, HTTP Signatures should be baked into the HTTP client, not something people have to write at the application layer. This will make it much more accessible!

Portland, Oregon • 42°F

2 likes

Sun, Apr 21, 2024 7:35am -07:00
Eric Likness https://mastodon.online/@carpetbomberz • Apr 21
@aaronpk Must an IP68 rating. One positive side effect of not being easy to repair (full water sealing).

These are second gen which aren't even advertised as "water resistant" unlike the 3rd gen!

Portland, Oregon • 42°F

1 like

Sun, Apr 21, 2024 7:31am -07:00
JohnPhilpin https://micro.blog/JohnPhilpin • Apr 21
@aaronpk and did they survive?

they did! they're not even advertised as water resistant, and the pods fell out of the case too!

Portland, Oregon • 42°F

Sun, Apr 21, 2024 7:30am -07:00
Aaron Parecki https://aaronparecki.com/ • Apr 20
oh no, it finally happened. I left my AirPods in a pocket and they went through the washer and dryer 😱

what the heck, they still work???

Portland, Oregon • 52°F

4 likes 5 replies

Sat, Apr 20, 2024 7:58pm -07:00
Aaron Parecki https://aaronparecki.com/ • Apr 13

at Prima Vista Lounge

Not super impressed with the vegetarian breakfast options here. There's eggs and falafel, but the pancakes are way too sweet. There were only two kinds of cheeses. All the pastries, including the croissants, are smothered in sugar.

Fiumicino, Lazio, ITA • 61°F

Sat, Apr 13, 2024 8:24am +02:00
Jeremy Cherfas https://stream.jeremycherfas.net/profile/jeremy • Apr 10
Wait, what? You’re in Rome?

Yes! Here for an OAuth event!

Roma, Lazio • 60°F

1 reply

Wed, Apr 10, 2024 9:33am +02:00
Evan Prodromou https://cosocial.ca/@evan • Apr 8
@aaronpk so, how did it go?

I made it! Got a peek at the eclipse on the SkyTrain, found a spot in the airport lounge by a window to sit while the shadow came over us, then got back on the train to catch the tail end and made it to the gate right when we were boarding!

American Airlines Flight 240 DFW to FCO in Dallas, Texas • 78°F

1 like

Mon, Apr 8, 2024 3:13pm -05:00
Julio 🏳️‍🌈 🇨🇺 🇪🇸 🇺🇸 https://c.im/@Blanco • Apr 8
@aaronpk Sorry, but extra sleep???

haha I wish! No instead I still got up at 4am but instead of going to the airport and getting breakfast in the lounge, I spent an hour on the phone rebooking the flight

American Airlines Flight 2216 PDX to DFW in Portland, Oregon • 43°F

1 like 1 reply

Mon, Apr 8, 2024 7:03am -07:00
Evan Prodromou https://cosocial.ca/@evan • Apr 8
@aaronpk nooooooooo

I rebooked on an Alaska flight and it looks like we are about to take off! Hopefully I still make it to Dallas in time for the eclipse! 🤞

American Airlines Flight 2216 PDX to DFW in Portland, Oregon • 43°F

1 like 1 reply

Mon, Apr 8, 2024 7:00am -07:00
Kevin Marks https://xoxo.zone/@KevinMarks • Mar 23
@aaronpk does this mean that one of your flights is flying through totality?

Nope! Weirdly I land right as it starts, and I'll be in the airport directly under the path of totality, then getting on the next flight right as it's ending!

Portland, Oregon • 56°F

Fri, Mar 22, 2024 5:32pm -07:00

older

Aaron Parecki

at Prima Vista Lounge