“The book is underway.” What does that mean? The first half is largely done. The Windows stuff is PowerShell. The Debian stuff uses ip. FreeBSD is the reference Unix. I wrote a chapter on what folks need to know about TLS, to go in the middle. I sadly sent that to Bob Beck for his comments. I understand where TLS has been, but Bob has good insight into where it will be.
Bob’s a good guy, but he also has cause for a lawful quarrel with me. Whenever I start to feel depressed, I listen to that recording of the BSDCan 2019 closing ceremony. That man screaming “LUCAS” in tones of rage and despair? That’s Bob.
He can now declare himself avenged.
If I’m talking modern TLS and modern networks, I really need to address QUIC. Not long ago, QUIC was largely theoretical for sysadmins. None of our common applications supported it. Yes, half of the traffic to Google went over QUIC, but I couldn’t deploy it. It merited a paragraph or two, no more.
Turns out that nginx main release now supports quic. I can reasonably deploy it. Except I’m using Apache. I’ve been running web servers since well before nginx, and never saw a reason to change. Yes, yes, Apache has issues, but I’m accustomed to its odd little habits and even the thing with the whirling razor blades followed by vinegar mist.
Could I skate by with three or four paragraphs on QUIC? Many tech authors do. I have this career because I don’t skate through, however. So I get to migrate my systems to nginx. Or perhaps stick an Envoy proxy in front of the web server. Haven’t decided yet. I’ll probably talk through the decision on the fediverse.
But it’s all Bob’s fault.
On the plus side, I have a sketch of the n4sa2e challenge coin. It’s not final, but it’s the way I’m leaning now.
For the two people who care: this coin’s featured rodent is Willoughby. Lara Jean did a great job of capturing his character.
The only way you’ll get one of these coins is by becoming a print sponsor. Your backing will sustain me as I struggle with envoy. Or nginx. Probably both, then one.
I think the rest of the book will go quickly. You still shouldn’t nmap addresses you don’t control. DNS hasn’t changed, nor traceroute, nor netcat. I have to weave some TLS throughout, of course, which makes the netcat part a pain. (Standardize Netcat Flags and Give It TLS Challenge 2025!)
But at least Bob will have the pleasure of hearing me scream “BECK!” in blended rage and despair.
Oh, OK, this is apparently a different Bob Beck than the Colloidal Silver Generator one. Thought for a second my late father’s documents that I’m currently scanning were starting to actively warp my reality.
I hate to ask and truly don’t know: will sysadmins need to know about post-quantum cryptography?