things can actually maybe be good, it turns out
November 5, 2025 at 3:40 AM
things can actually maybe be good, it turns out
i have opinions about the ffmpeg security thing but i'm not going to post them, for my own sanity (but i am posting about not posting about it)
November 4, 2025 at 4:13 AM
i have opinions about the ffmpeg security thing but i'm not going to post them, for my own sanity (but i am posting about not posting about it)
trying to come up with a silly toy cryptology problem for something
October 25, 2025 at 2:03 AM
trying to come up with a silly toy cryptology problem for something
genuinely confused why people are so interested in this, but hey whatever
September 23, 2025 at 3:33 PM
genuinely confused why people are so interested in this, but hey whatever
I did a talk at the UK GopherCon last month about what my team does, and I only let my laptop fall asleep twice! www.youtube.com/watch?v=oLtq...
Go Security – Past, Present, and Future - Roland Shoemaker
YouTube video by GopherCon UK
www.youtube.com
September 19, 2025 at 5:26 PM
I did a talk at the UK GopherCon last month about what my team does, and I only let my laptop fall asleep twice! www.youtube.com/watch?v=oLtq...
Reposted
Hi folks, it’s survey time! We’d love to learn more about how you use Go and what could be improved. Share your feedback via our annual developer survey at google.qualtrics.com/jfe/form/SV_.... It should take 10 - 20 minutes to complete, and will be open through September 30. Thank you!
#golang
#golang
Go Developer Survey 2025
Share your feedback about developing software with Go.
google.qualtrics.com
September 16, 2025 at 8:38 PM
Hi folks, it’s survey time! We’d love to learn more about how you use Go and what could be improved. Share your feedback via our annual developer survey at google.qualtrics.com/jfe/form/SV_.... It should take 10 - 20 minutes to complete, and will be open through September 30. Thank you!
#golang
#golang
I recently passed my 5 year anniversary at Google on the Go team (thanks to them for reminding me), which also means it's been about 10 years since I first joined the Let's Encrypt team.
It's been amazing to see the projects grow over those years, and I couldn't be prouder to have worked on them.
It's been amazing to see the projects grow over those years, and I couldn't be prouder to have worked on them.
September 16, 2025 at 6:22 PM
I recently passed my 5 year anniversary at Google on the Go team (thanks to them for reminding me), which also means it's been about 10 years since I first joined the Let's Encrypt team.
It's been amazing to see the projects grow over those years, and I couldn't be prouder to have worked on them.
It's been amazing to see the projects grow over those years, and I couldn't be prouder to have worked on them.
signs you’re having a real normal one
August 13, 2025 at 12:11 PM
signs you’re having a real normal one
a true rarity
I’m on my way to GopherCon UK!
If you want to chat about Go and security, catch me and @roland.zone there, exceptionally in the same physical space!
If you want to chat about Go and security, catch me and @roland.zone there, exceptionally in the same physical space!
August 13, 2025 at 12:08 PM
a true rarity
explaining post tour criteriums to non-cycling people makes you sound fully insane
August 10, 2025 at 7:37 PM
explaining post tour criteriums to non-cycling people makes you sound fully insane
I don't think they post here, but excited to be talking about what the Go Security team does, and why (hopefully) you don't hear much about us, at GopherCon UK in August.
June 30, 2025 at 8:33 PM
I don't think they post here, but excited to be talking about what the Go Security team does, and why (hopefully) you don't hear much about us, at GopherCon UK in August.
Reposted
Here's something I am very excited about: Photosynthesis! 🌱☀️
A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.
This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.
A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.
This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.
[TLS] Photosynthesis, an update to Merkle Tree Certificates
Photosynthesis combines the Static CT API with the ideas in Merkle Tree Certificates.
mailarchive.ietf.org
June 20, 2025 at 7:11 PM
Here's something I am very excited about: Photosynthesis! 🌱☀️
A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.
This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.
A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.
This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.
what a successful go tree freeze day looks like
May 21, 2025 at 10:35 PM
what a successful go tree freeze day looks like
i wrote a post about a thing we did with go, it was cool and good go.dev/blog/tob-cry...
Go Cryptography Security Audit - The Go Programming Language
Go's cryptography libraries underwent an audit by Trail of Bits.
go.dev
May 19, 2025 at 5:22 PM
i wrote a post about a thing we did with go, it was cool and good go.dev/blog/tob-cry...
i swear to god amazon does this shit just so they can say they'll deliver stuff quickly and then they're just like ohhh no oopsie we scanned it as delivered two days early our bad
March 21, 2025 at 1:09 AM
i swear to god amazon does this shit just so they can say they'll deliver stuff quickly and then they're just like ohhh no oopsie we scanned it as delivered two days early our bad
the democrats do not give a shit, they're just capitulating on everything
March 14, 2025 at 12:27 AM
the democrats do not give a shit, they're just capitulating on everything
do you have games on your phone
March 10, 2025 at 11:27 PM
do you have games on your phone
I suspect "I'm gonna open source it on a Chinese server" is going to be a permanent addition to my lexicon
i choose to believe this is performance art github.com/openssl/open...
How Does OpenSSL Handle Arbitrary Code Embedded in Certificates? · openssl openssl · Discussion #26890
I have a question for the OpenSSL community regarding the inclusion of arbitrary code within a certificate and its effects on the resulting output. Specifically, I am concerned about the behavior o...
github.com
February 25, 2025 at 6:16 PM
I suspect "I'm gonna open source it on a Chinese server" is going to be a permanent addition to my lexicon
i choose to believe this is performance art github.com/openssl/open...
How Does OpenSSL Handle Arbitrary Code Embedded in Certificates? · openssl openssl · Discussion #26890
I have a question for the OpenSSL community regarding the inclusion of arbitrary code within a certificate and its effects on the resulting output. Specifically, I am concerned about the behavior o...
github.com
February 25, 2025 at 5:50 PM
i choose to believe this is performance art github.com/openssl/open...
very cool to see the team continuing to push boulder to new heights, I don’t think any of us could’ve predicted it’d be responsible for issuing millions of certs a day in 2015 letsencrypt.org/2025/01/30/s...
Scaling Our Rate Limits to Prepare for a Billion Active Certificates
Let’s Encrypt protects a vast portion of the Web by providing TLS certificates to over 550 million websites—a figure that has grown by 42% in the last year alone. We currently issue over 340,000...
letsencrypt.org
February 1, 2025 at 4:21 AM
very cool to see the team continuing to push boulder to new heights, I don’t think any of us could’ve predicted it’d be responsible for issuing millions of certs a day in 2015 letsencrypt.org/2025/01/30/s...