| 21 May 2023 |
 raitobezarius | you mean among the latest revisions? | 14:51:46 |
 hexa | yes | 14:51:49 |
| hexa | test takes 1m9s locally fwiw | 14:52:01 |
| raitobezarius | and it passes? | 14:53:09 |
| raitobezarius | I guess it passes because it timeouts otherwise | 14:53:36 |
| hexa | the browser works just fine | 14:54:16 |
| hexa | bumping trunk-combined | 14:56:09 |
| hexa |
9565 builds have been bumped to the front of the queue.
| 14:56:29 |
| raitobezarius | awesome | 15:00:40 |
| hexa | tests succeeded on second try | 15:16:13 |
| raitobezarius | resource contention or weird qemu bug idk | 15:16:40 |
| raitobezarius | this is the true highlight of the release: https://github.com/NixOS/nixos-search/pull/656 don't quote at me | 15:25:20 |
| hexa | wild | 15:28:45 |
 Vladimír Čunát | Firefox tests fail relatively commonly on Hydra. I'm not sure why. I certainly restart them every week. | 15:37:13 |
| Vladimír Čunát | * Firefox tests fail relatively commonly on Hydra. I'm not sure why. I certainly restart them like every week. | 15:37:18 |
 Janne Heß | In reply to @raitobezarius:matrix.org
this is the true highlight of the release: https://github.com/NixOS/nixos-search/pull/656 don't quote at me Now do companies still not do this by default 🙄 | 17:00:04 |
| Vladimír Čunát | In reply to @janne.hess:helsinki-systems.de
Now do companies still not do this by default 🙄 Planning to migrate away from GitHub? | 17:04:49 |
| Janne Heß | In reply to @vcunat:matrix.org
Planning to migrate away from GitHub? We have our company gitlab for a good reason :D | 17:05:17 |
| raitobezarius | OpenSSL 3 or IPv6 ; pick one | 17:12:35 |
| Janne Heß | In reply to @raitobezarius:matrix.org
OpenSSL 3 or IPv6 ; pick one No love for dnssec? | 17:12:58 |
| raitobezarius | I am on https://sockpuppet.org/blog/2015/01/15/against-dnssec/ side but have no strong opinion | 17:13:35 |
| Vladimír Čunát | Getting off topic, but think about how you get a TLS certificate, i.e. how you (securely) validate that someone owns a particular domain... | 17:17:18 |
| Vladimír Čunát | (either way, my opinion is biased) | 17:19:26 |
| raitobezarius | Especially because the world has taken the Let's Encrypt route, I don't have a well formed opinion on whether DNSSEC is the last good piece to secure the whole system | 17:39:11 |
| raitobezarius | (I think your input is very valuable esp. because of that :)) | 17:39:25 |
| Vladimír Čunát | I was trying to make a point that DNSSEC + DNS-01 challenge makes Let's Encrypt certificates way more secure. | 17:50:59 |
| raitobezarius | Ah for DNS-01, OK | 17:51:48 |
| Vladimír Čunát | I do agree that secure address resolution on normal clients is not a big deal, but there are other things in DNS already which make much more sense to secure. (Also DANE exists, but browsers don't want it.) | 17:52:27 |
| Vladimír Čunát | * I do agree that secure address resolution on normal clients is not a big deal, but there are other things in DNS already which make much more sense to secure. (Also DANE exists, but browsers don't want it.) | 17:52:43 |
| Vladimír Čunát | * I do agree that secure address resolution on normal clients is not a big deal, especially because routing can't be made secure enough. But there are other things in DNS already which make much more sense to secure. (Also DANE exists, but browsers don't want it.) | 17:53:37 |
