List of blog entries

  • 2022-04-17 @Matthias Valvekens
    Using KeePassXC as a credential manager for sudoed Docker

    As noted in the official documentation, having access to the Docker daemon amounts to having passwordless root access to all files on the system. That’s why, even on my development machine, I don’t put my personal account in the docker group. As such, I have to use sudo every time I need to interface with the Docker daemon.

    Read »
  • 2022-02-11 @Matthias Valvekens
    FOSDEM 2022 talk: How (not) to make a mockery of trust

    Last week, I gave a talk on testing & mocking PKI-based workflows from the relying party’s point of view at FOSDEM ’22, in the Testing & Automation devroom. The session was recorded, and is embedded below. Due to an unfortunate technical issue, the recording of the live Q&A session wasn’t usable.

    Read »
  • 2021-11-28 @Matthias Valvekens
    Refreshing some Git signatures

    As promised in my earlier post about my new PGP key, I’m going to re-commit to a bunch of Git tag signatures in bulk, by signing a list of (tag, commit hash) pairs. See below.

    Read »
  • 2021-11-21 @Matthias Valvekens
    I rotated my primary PGP key

    I’d been using an RSA 2048 key since about 2016 for my PGP needs. This was its key fingerprint:

    Read »