mnot’s blog

Design depends largely on constraints.” — Charles Eames

Thursday, 6 December 2018

Eight #aabill Predictions

As I write this, the Australian Senate is in the final stages of passing the Assistance and Access Bill 2018 (with some but not all amendments).

this entry’s page

Thursday, 6 December 2018

Australian Assistance and Access Bill 2018: Amendments

In a great hurry, Australia’s house of representatives today passed the controversial Assistance and Access Bill 2018. However, there were some last-minute amendments slipped in. Currently, it’s being debated in the Senate.

this entry’s page

Tuesday, 27 November 2018

Designing Headers for HTTP Compression

One of the concerns that often comes up when someone creates a new HTTP header is how much “bloat” it will add on the network. This is especially relevant in requests, when a little bit of extra data can introduce a lot of latency when repeated on every request.

this entry’s page

Thursday, 15 November 2018

Do you Trust Australia? Part Four

On 20 August, I went to Canberra to participate in an Internet Society experts' panel on encryption.

this entry’s page

Sunday, 19 August 2018

Do you Trust Australia? Part Three

Not that long ago, the US government attempted to compel Microsoft to reveal a customer's data that was located in Ireland.

this entry’s page

Thursday, 16 August 2018

Do you Trust Australia? Part Two

After a couple of sleeps, I think my concerns about the proposed Assistance and Access Bill 2018 have crystallised.

this entry’s page

Tuesday, 14 August 2018

Do you Trust Australia?

This morning, the Australian Department of Home Affairs released the Assistance and Access Bill 2018 for consultation.

this entry’s page

Tuesday, 31 July 2018

How to Read an RFC

For better or worse, Requests for Comments (RFCs) are how we specify many protocols on the Internet. These documents are alternatively treated as holy texts by developers who parse them for hidden meanings, then shunned as irrelevant because they can’t be understood. This often leads to frustration and – more significantly – interoperability and security issues.

this entry’s page

Wednesday, 7 June 2017

How (Not) to Control Your CDN

In February, Omer Gil described the Web Cache Deception Attack.

this entry’s page

Thursday, 11 May 2017

How to Think About HTTP Status Codes

There’s more than a little confusion and angst out there about HTTP status codes. I’ve received more than a few e-mails (and IMs, and DMs) over the years from stressed-out developers (once at 2am, their time!) asking something like this:

this entry’s page