alt.hn

3/28/2025 at 12:10:53 AM

Operationalizing Macaroons

 https://fly.io/blog/operationalizing-macaroons/

by todsacerdoti

3/31/2025 at 12:48:16 AM

> So I did the hipster thing and implemented Noise.

> [...]

> Out of laziness, we kept the Noise stuff, which means the interface to tkdb is now HTTP/Noise.

Yikes, I wager it was more difficult to get this thing working than HTTPS because they surely have an existing solution for nearly everything else. It smells more like a developer being reluctant to delete their own code. There's an unaudited cryptography stack in their authentication path.

You are not your code.

by zamalek

3/31/2025 at 1:40:45 AM

One might assume the cryptographic code was somewhat audited by Thomas Ptacek.

by pkhuong

3/28/2025 at 4:43:51 AM

I wasn’t super interested in the topic but enjoyed the style of writing and completed the article.

I learned a few things I hadn’t planned on learning :)

by jmathai

3/30/2025 at 7:16:18 PM

I assume the token gets its name from figure one in this paper: https://www.ndss-symposium.org/wp-content/uploads/2017/09/04...

Which angers me, because that's a macaron, not a macaroon.

by KPGv2

3/31/2025 at 12:05:25 AM

Reminds me of the time I suggested to my cousin's new girlfriend (gentile) that she bring macaroons (a standard kosher-for-Passover dessert) to our Passover seder and instead she brought macarons (delicious but not kosher for Passover). We all had a laugh.

by viciousvoxel