Hm, yes, that sounds annoying indeed. Maybe I just have not encountered such an app/site yet, but louckily, the bitwarden integration has been working flawlessly for me.

Bitwarden / Vaultwarden are OSS and work fantastic across all my devices. IMO it’s more convenient than passwords now, ESPECIALLY if you’d have to enter a 2fa code as well.

Nice, that’s great to hear!

Ah, nice. In that case just beware to move /var/lib/private/conduwuit to /var/lib/private/continuwuity, not /var/lib/conduwuit to its counterpart

Ah crap, forgot to ping you! Sorry!!

Yep, easy decision now. Migration went smoothly, just had to move the state dir and chown it to continuwuity:continuwuity. Might be different on docker though, no idea, sorry 😄

Understandable.

Roger, will do.

Yeah, community driven sounds like unless there’s new drama. But yeah, currently tending towards continuwuity. Purely vibes based from snooping around both repos.

There so much misogyny oozing out of your comment, I think I’ll go disinfect my screen now.

Hope your friend gets convicted for sending unsolicited explicit content 👍

Think about it like this:

• with ansible, you are responsible for making sure that executing the described steps in the described order leads to the desired result

• with nix, you describe what you want your system to look like, and then figuring out how to get there is nix’s problem (or rather, is obvious to nix thanks to nixpkgs)

?

Better open a package request (or pull request :D) then 😄

Just use git… One of the huge advantages of latex over docx is its easy diffability

I host it publicly accessible behind a proper firewall and reverse proxy setup.

If you are only ever using Jellyfin from your own, wireguard configured phone, then that’s great; but there’s nothing wrong with hosting Jellyfin publicly.

I think one of these days I need to make a “myth-busting” post about this topic.

Fair, maybe remove the question altogether, and have dedicated GOV endpoints for specific attestations?

While that’s true from a technical perspective…

How/where do you keep the certificate? If you either need an app for it, or need to manually install it on your device, most users would probably be out. The benefit of my suggestion is that you need absolutely nothing except a way to authenticate with GOV.

2. is a Problem with all of these, that’s for sure.

I fjnt get the part about the info service tbh

As long as your browser saves an auth token or something for GOV somewhere, all of that can happen without user interaction.

I think that at the bare minumum, the PORN<->GOV connection must not occur. How about this (simplified):

• USER visits porn site
• PORN site encrypts random nonce + “is this user 18?” with GOV pubkey
• PORN forwards that to USER
• USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
• GOV knows user is requesting, but not what for
• GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
• GOV returns that to USER
• USER forwards that to PORN
• PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
• but PORN does not know anything about the user

There’s probably glaring issues with this, this is just from the top of my head to solve the problem of “GOV should know nothing”.

Not sure. How about this (simplified):

• USER visits porn site
• PORN site encrypts random nonce + “is this user 18?” with GOV pubkey
• PORN forwards that to USER
• USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
• GOV knows user is requesting, but not what for
• GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
• GOV returns that to USER
• USER forwards that to PORN
• PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
• but PORN does not know anything about the user

There’s probably glaring issues with this, this is just from the top of my head to solve the problem of “GOV should know nothing”.

Mozzarella (talking about the balls of fresh mozzarella you get sealed in with their brine).

Can’t do store brand anymore after having tried Galbani.

This is hilarious, but also: how could anyone develop such a tool and not at least test it out on their own images? Someone with a public persona no less! Boggles my mind.