Welcome to my site, where I keep some of the things that I write, code, photograph and otherwise create.
You can find out more about me, or jump directly to my résumé.
recent thoughts on my blog
- How (Not) to Control Your CDN — In February, Omer Gil described the Web Cache Deception Attack.
- How to Think About HTTP Status Codes — There’s more than a little confusion and angst out there about HTTP status codes. I’ve received
more than a few e-mails (and IMs, and DMs) over the years from stressed-out developers (once at
2am, their time!) asking something like this:
- The State of Browser Caching, Revisited — A long, long time ago, I wrote some tests using XmlHttpRequest
to figure out how well browser caches behaved, and wrote up the
- Ideal HTTP Performance — The implicit goal for Web performance is to reduce end-user perceived latency; to get the page in front of the user and interactive as soon as possible.
- Alternative Services — The IESG has approved “HTTP Alternative Services” for publication as a Proposed Standard.
- Why 451? — Today, the IESG approved publication of “An HTTP Status Code to Report Legal Obstacles”. It’ll be an RFC after some work by the RFC Editor and a few more process bits, but effectively you can start using it now.
- Will there be a Distributed HTTP? — One of the things that came up at the HTTP Workshop was “distributed HTTP” — i.e., moving the Web from a client/server model to a more distributed one. This week, Brewster Khale (of Archive.org fame) talked about similar thoughts on his blog and at CCC. If you haven’t seen that yet, I’d highly suggest watching the latter.
- Snowden Meets the IETF — Last night, we had a screening of CITIZENFOUR at the IETF meeting in Prague, and about 170 people showed up to see the movie about Edward Snowden’s relevations — information that led the IETF to declare such pervasive monitoring as an attack on the Internet itself.