B2B eCom WSF (With a Side of Fries)

Please note that all blog posts before 8 April 2007 were automatically imported from LiveJournal.  To see the comments and any LiveJournal-specific extras such as polls and user icons, please find the source posting at http://brianenigma.livejournal.com/2003/01/

Help Me I Am In [PKI, security, certificate, keychain, RSA, PEM, DER, PKCS12, RC4, MD5, 3DES] Hell.

It used to be that setting up a secure webserver with a nice, valid, SSL certificate was hell. I can now do that blindfolded, in handcuffs (the William Gibson X-Files episode comes to mind now: “Are you gonna take these off, or am I gonna have to do this with my tongue?” “Trust me, you don't want to take a vote.”). Now, I'm trafficking business-to-business messages that are MIME/Multipart strings over SSL connections. Parts of the multipart messages are plaintext, parts are simply signed with any one of a variety of algorithms, and parts are encrypted with a variety of algorithms. Of course, this is determined dynamically at runtime, with the plaintext parts telling what the non-plaintext parts are. Of course, the responses need to be dynamically generated and returned in the same format. Good times!

If everything went well and DNS propogated properly, I should have http://cu.be. As substitute pointed out, I should also have all subdomains (hyper.cu.be, sugar.cu.be, gleaming.the.cu.be, etc). Something tells me that not all went well. …especially after looking at the current whois record.

In other news, after a number of useful patch submissions, I am officially a SoleSeek developer. W00t. And stuff. If I have the time, I will be writing one metric shload of internal/developer documentation this week. There is a lot of debugging to do–file transfers exist in the most recent cvs version, but don't work past the “Hi! Can you send me that file of yours?” request message. Oops.

Posted in: Work

Leave a Reply

Your email address will not be published. Required fields are marked *