Matt Holt on CaddyServer, the ACME Protocol, TLS
Go Time: Golang, Software Engineering · This episode wins the contest for the most protocols discussed. Matt Holt joined the show to to talk about TLS, Let’s Encrypt, the ACME protocol, CaddyServer, and a host of other important information security issues.
Join the discussion (https://changelog.zulipchat.com/#narrow/stream/455709-gotime) Changelog++ (https://changelog.com/++) members support our work, get closer to the metal, and make the ads disappear. Join today! Sponsors:
• Linode (https://linode.com/changelog) – Our cloud server of choice! We host everything we do on Linode servers. Use the code gotime20 to get 2 months free!
• Fastly (https://www.fastly.com/?utm_source=changelog&utm_medium=podcast&utm_campaign=changelog-sponsorship) – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform.
• Equinox (https://equinox.io/gotime) – Build, package and distribute self-updating Go apps to your customers. It’s perfect for CLI tools and on-premise Go software.
Featuring:
• Matt Holt – Website (https://matt.life), GitHub (https://github.com/mholt), X (https://x.com/mholt6) • Erik St. Martin – GitHub (https://github.com/erikstmartin), X (https://x.com/erikstmartin) • Carlisia Thompson – GitHub (https://github.com/carlisia), LinkedIn (https://www.linkedin.com/in/carlisia), X (https://x.com/carlisia) • Brian Ketelsen – GitHub (https://github.com/bketelsen), X (https://x.com/bketelsen)
Show Notes:
• CaddyServer (https://caddyserver.com/)
• Caddy 0.9 Released with All New Core (blog post) (https://caddyserver.com/blog/caddy-0_9-released)
• Papaparse: a CSV parser for the browser (http://papaparse.com/)
• websocketd: Turn any program that uses STDIN/STDOUT into a WebSocket server. Like inetd, but for WebSockets. (https://github.com/joewalnes/websocketd)
• Let’s Encrypt: free SSL certificates (https://letsencrypt.org/)
• PKI (wikipedia) (https://en.wikipedia.org/wiki/Public_key_infrastructure)
• Key concepts of information security: Confidentiality, Integrity, Availability, Non-repudiation (https://en.wikipedia.org/wiki/Information_security#Key_concepts)
• Bulletproof TLS Newsletter (https://www.feistyduck.com/bulletproof-tls-newsletter/)
• ACME Protocole (https://letsencrypt.github.io/acme-spec/)
• Extended Validation Certificate (https://en.wikipedia.org/wiki/Extended_Validation_Certificate)
• Manage TLS certificates automatically via LetsEncrypt.org (https://github.com/rsc/letsencrypt)
• Automated wrapper to add let’s encrypt support to go servers (https://github.com/dkumor/acmewrapper)
Interesting Go Projects and News
• GopherCon Brasil sponsorship prospectus (https://2016.gopherconbr.org/en/GopherconBR2016Prospectus.pdf)
• Hewlett Packard Go AST Scanner (https://github.com/HewlettPackard/gas)
• Static analysis tool for Go that protects against SQL injections (https://github.com/stripe/safesql)
• Synchronization, error propagation, and Context cancelation for groups of goroutines working on subtasks of a common task (https://godoc.org/golang.org/x/sync/errgroup)
• Brad Fitzpatrick’s functest library (https://godoc.org/go4.org/testing/functest)
• Go wrapper for the .NET Core Runtime (https://github.com/matiasinsaurralde/go-dotnet)
• Fatih’s vim-go tutorial (https://github.com/fatih/vim-go-tutorial)
• Keep track of upcoming vim-go features (https://github.com/fatih/vim-go/blob/master/CHANGELOG.md#unplanned)
Free Software Friday
• Brian - Python (https://www.python.org/)
• Carlisia - Exercism good first patches (https://github.com/exercism/xgo/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+patch%22)
• Matt - A QUIC protocol server implementation in pure Go: faster HTTPS communication (https://github.com/lucas-clemente/quic-go)
• Erik - Mosh: the mobile shell (https://github.com/mobile-shell/mosh), Wireshack (https://www.wireshark.org/) Troubleshooting with Wireshark: Locate the Source of Performance Problems (book) (https://www.amazon.com/Troubleshooting-Wireshark-Locate-Performance-Problems/dp/1893939979/) , and TCP Dump (http://www.tcpdump.org/)
Something missing or broken? PRs welcome! (https://github.com/thechangelog/show-notes/blob/master/gotime/go-time-14.md)