Frank Hecker
@frankhecker.com
747 documents
0 likes
0 shares
Oct 2004 since
View on Bluesky
Enforcing canonical URIs for Blosxom pages

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

As noted in my discussion of [URI rewriting][URI rew], we can use Apache to enforce canonical URI forms for HTML files and directories, but need to use a plugin to enforce canonical forms for URIs handled by Blosxom. I’ve thus written a new [canonicaluri…

Read more →
URI rewriting and canonical URIs

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

Here I document the way in which I use URI rewriting (along with redirection and a couple of Blosxom plugins) to help implement my personal [design philosophy][design] for my web site. My goal is to create a unified URI space within which static and dynamic…

Read more →
Colophon

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

This site is a mixture of static content and dynamic content served through the [Blosxom blogging system][Blosxom]. I use various URI rewriting rules and a number of Blosxom plugins (some slightly hacked) in order to implement the site according to my personal…

Read more →
Mozilla CA certificate metapolicy

I’ve been working on the Mozilla CA certificate policy for some time now. I’ve created a “[metapolicy][]” to help guide how the final policy should look. Note that the metapolicy doesn’t address any of the truly hard issues, like how to evaluate Certificate Authorities that haven’t undergone WebTrust audits or other independent audits. That will have to wait for future work (and time for me to…

Read more →
Accessibility statement for www.hecker.org

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I’ve tried to make this site accessible to as many people as possible; here I describe the accessibility features of this site. (This statement is based on [Mark Pilgrim’s accessibility statement][Mark].) If you have any questions or comments about the…

Read more →
Validating and caching dynamic content

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

One of the things I enjoy about setting up my own blog with the [Blosxom software][Blosxom] is learning about the deep details of web protocols and formats that I’ve never worried about before. (This might have been the case if I’d used another blogging system,…

Read more →
Patch for atomfeed plugin (UTC dates)

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I recently experienced a strange problem with the Atom feed on my weblog. My weblog server is running on US Eastern time as the basic time zone, but the story dates in the Atom feed should be expressed in UTC/GMT; the atomfeed plugin has code that supposedly…

Read more →
Full disclosure: for and against

In the course of our discussing the [proposed Mozilla CA certificate policy][propose], [Ian Grigg][Ian Gri] happened to ask about the existing [Mozilla policy on handling security bugs][Mozilla] and how we tried to forge a compromise between people advocating full disclosure of security bugs and people who were opposed to that. (Ian was interested in this because he and [Adam Shostack][Adam Sh]…

Read more →
The lastmodified2 plugin

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

In a previous post I discussed the general problem of [validating and caching dynamic content][validat]. In order to implement the strategy outlined in that post I decided to create a new version of the [lastmodified plugin][lastmod] originally created by [Bob…

Read more →
Design philosophy

UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest.

The basic principles I tried to follow in creating the this site were as follows:

  • The site should be entirely text-based, with minimal or no use of graphics.
  • All web pages on the site should validate as HTML 4.01 Strict.
  • All web pages on the site should be…
Read more →
Patch seemore plugin for full text feeds

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I use the [seemore plugin][seemore] by [Todd Larason][Todd La] to show only excerpts of entries on my main blog page, index pages for categories, and archive pages, while displaying the entire article on an individual entry’s page. It’s worked well, with one…

Read more →
Syndication feeds

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

If you’d like to receive full-text articles from this site as they are published, you can subcribe to one or more of the following feeds, in the formats indicated; simply cut and paste the URLs into your feed reader of choice. The Atom feeds are preferred; I…

Read more →
Patch for atomfeed plugin (“modified” element for feed)

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

The “official” [atomfeed plugin][atomfee] does not generate valid feeds for the current version (0.3) of the [Atom specification][Atom sp] because the output does not have a “modified” element for the feed as a whole, just “modified” elements for each story. …

Read more →
Blosxom annotations

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I’ve been investigating using the [Blosxom weblog application][Blosxom] for my personal blog, and felt disadvantaged by my lack of knowledge of Perl (the language in which Blosxom was written). I began making detailed notes while I was reading through the Blosxom…

Read more →
Emptymessage patch for Apache compatibility, etc.

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

When stock Blosxom sees a URL that doesn’t correspond to an existing entry or list of entries, it simply puts up a “normal” page (i.e., using the standard heat and foot templates for that flavour) that doesn’t have any actual content. I really don’t like this…

Read more →
Feel the love: Love/Hate brand scores for Firefox, etc.

I happened to stumble upon a blog post by [Jennifer Rice][Jennife] on “[Love/Hate brand scores"][LoveH]. She did a thoroughly unscientific comparison of common brands based on querying Google for “I love Foo” and “I hate Foo” (similar to [Googlefight][Googlef], but taking the idea a bit further). I’ve recomputed her results and included some brands and products of interest to us.

Here’s the…

Read more →
Draft 8 of Mozilla CA certificate policy

I’ve created a new [draft 8 of the proposed Mozilla CA certificate policy][draft 8]. The main substantive changes are as follows:

  • I changed references to “users” to clarify that we’re referring to users of the products distributed by the Mozilla Foundation through mozilla.org.

  • I added a requirement for CA disclosure of business practices in the form of a Certification Practice Statement. …

Read more →
Copyright and license

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I’ve done a lot of work related to software licensing as part of the [Mozilla relicensing project][Mozilla] and when I worked at [CollabNet][CollabN]. As a result of enduring endess wrangling about licensing terms I’ve been put off complex licensing schemes, and…

Read more →
Draft 10 of Mozilla CA certificate policy

I’ve posted a new [draft 10 of the proposed Mozilla CA certificate policy][draft 1]. The only substantive changes are as follows:

  • I changed the language on disclosure of financial compensation (i.e., of independent evaluators by CAs) to read “publicly disclose” as opposed to “fully and publicly disclose”; in other words, I dropped the word “fully.”

  • I added a section discussing revision of…

Read more →
Enforcing proper use of trailing slashes

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I’ve previously blogged about my [canonicaluri plugin][canonic] that checks to see whether the requested URI is in the canonical form for the type of page being requested, and if necessary does a browser redirect to the canonical form of the URI. However the…

Read more →
My new weblog

UPDATE 2023/12/31: This is the first post for my blog after I converted my personal website hecker.org to use Blosxom. I’m including it here for historical interest.

After a long period of neglecting my personal web site, I’ve decided to start my own weblog, with the goal of making it easier for me to publish new material and therefore (I hope) more likely that I’ll actually write more.

My plan…

Read more →
Markdown patch for varying empty element suffixes

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

As noted in a [previous post][previou], I am a big fan of the [Markdown][] text-to-HTML conversion tool. However, nothing’s perfect. I already discussed a [bug involving link ids][bug inv], and I subsequently found one other reason to patch Markdown, for sites…

Read more →
Mozilla’s ECCN for U.S. export control

A while ago someone wrote to [mozilla.org staff][mozilla] asking “What is the ECCN for Mozilla?” For that small fraction of the world’s population who knows what an ECCN is (an “Export Control Classification Number” for U.S. encryption export control regulations) and cares about what Mozilla’s ECCN happens to be, here’s the answer I gave. Note that this is not an “official” answer, but it’s…

Read more →
Draft 7 of Mozilla CA certificate policy

I’ve published a new [draft of the proposed Mozilla CA certificate policy][draft o]. For information on changes from the previous draft please see my posting in the netscape.public.mozilla.crypto newsgroup (aka the mozilla-crypto mailing list).

(Note that I have not yet completed writing the [accompanying FAQ][accompa], but will try to do so in the coming weeks.)

This new draft is intended to…

Read more →
Draft 5 of Mozilla CA certificate policy

I have published a new [draft 5 of the proposed Mozilla CA certificate policy][draft 5]. For detailed line-by-line changes from the previous draft please see my posting in the netscape.public.mozilla.crypto newsgroup (aka the mozilla-crypto mailing list).

(Note that I have not yet updated the [accompanying FAQ][accompa], but will try to do so in the next few days. Unfortunately for various…

Read more →
Using the Markdown plugin

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

In creating my blog I wanted to be able to go beyond plain text entries but avoid having to hand-code HTML. I looked at various schemes for marking up plain text to indicate the presence of links, ordered and unordered lists, preformatted text, etc.

In…

Read more →
Draft 9 of Mozilla CA certificate policy

I’ve created a new [draft 9 of the proposed Mozilla CA certificate policy][draft 9]. The main substantive changes are as follows:

  • I extended the policy’s requirements to cover all CAs, not just new CAs. This puts existing CAs on notice that in the future we can (and I hope will) go back through the list of CA certificates already included in Mozilla-related products and decide whether or not…
Read more →
Markdown patch for link id bug

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

In using [Markdown][] I found one problem, one I’m surprised hasn’t been reported before. (I looked through the [Markdown mailing list archive][Markdow02] briefly, but didn’t see anything on this; perhaps people consider the current behavior a feature, not a…

Read more →
Patch for entries_cache_meta plugin (meta values)

_UPDATE 2023-03-27: This page is obsolete, as it refers to a prior version of this blog. However, it may be of historical interest._

I’ve been using the [entries\_cache\_meta plugin][entries] by [Jason Thaxter][Jason T], mainly for the convenience of specifying the modification date within the entry file. After a while I decided I’d like to also use its “meta” capability, i.e., the ability to…

Read more →
JWZ considered disruptive

I’ve previously thought of [Jamie Zawinski][Jamie Z] not just as an excellent hacker but also as a marketing talent, creator of the original mozilla.org “brand.” (Imagined conversation: “You know, these open source and free software types are all radical anarchists or Marxist hippies; they’ll really go for a [brand image][brand i] that reminds them of [trashing a WTO meeting][trashin]” “Well,…

Read more →
Page 1 Older →