Welcome to my site, where I keep some of the things that I write, code, photograph and otherwise create.
You can find out more about me, or jump directly to my résumé.
recent thoughts on my blog
- Do you Trust Australia? Part Two — After a couple of sleeps, I think my concerns about the proposed Assistance and Access Bill 2018 (see Tuesday’s post for background) have crystallised.
- Do you Trust Australia? — Update: see also Part Two
- How to Read an RFC — For better or worse, Requests for Comments (RFCs) are how we specify many protocols on the Internet. These documents are alternatively treated as holy texts by developers who parse them for hidden meanings, then shunned as irrelevant because they can’t be understood. This often leads to frustration and – more significantly – interoperability and security issues.
- How (Not) to Control Your CDN — In February, Omer Gil described the Web Cache Deception Attack.
- How to Think About HTTP Status Codes — There’s more than a little confusion and angst out there about HTTP status codes. I’ve received
more than a few e-mails (and IMs, and DMs) over the years from stressed-out developers (once at
2am, their time!) asking something like this:
- The State of Browser Caching, Revisited — A long, long time ago, I wrote some tests using XmlHttpRequest
to figure out how well browser caches behaved, and wrote up the
- Ideal HTTP Performance — The implicit goal for Web performance is to reduce end-user perceived latency; to get the page in front of the user and interactive as soon as possible.
- Alternative Services — The IESG has approved “HTTP Alternative Services” for publication as a Proposed Standard.