@lambadalambda @clacke Indeed we do. But IMHO there is a strong reason why three columns on https://en.wikipedia.org/wiki/Table_of_keyboard_shortcuts#General_shortcuts follow the same pattern, and why all major DEs in the article converge together. Why a text editor thinks it is still too important to follow the rules that have emerged in the last thirty years is beyond me.
@lambadalambda Atom is simply the best for development. Sane controls (so that differs from both emacs and vim!), blazingly fast, extensible, just great. And I'm doing C++, so nothing of that web stuff! @clacke
@clacke oh no, not at all. I think "Let's Encrypt" is doing a wonderful job by lowering the process costs of cert renewal. I'm simply stating that just because you *can* automate the process completely, this doesn't mean that you *should* do it. Crucial parts of any process have to remain within manual overlook - and verifying identities is IMHO verify crucial.
So we disagree on two terms: - No, I don't think full 100% automation of /any process/ is doable on a larger scale for an extended period of time, since you will sometimes fail, and then fail big time. Which is not a problem if you talk about log files, but a very big problem if you talk about certs. Risk is potential damage multiplied with probability of occurrence. (the latter being always ≠ zero) - No I don't think this is a good idea, even unrelated to the feasability. Because of the missing manual oversight.
And that's why "Let's encrypt" only became interesting to me after looking into letsencrypt.sh . Which doesn't need root. @rugk
@clacke Again, there's a difference between assisting and patronizing. If you want to automate ALL the things, why not voting? You have the polls, you known within a certain margin who's gonna be elected, so why not automatize the process? Would be much for error-proof?
The same goes for SSL. Not everything that's doable should also be done. And messing with my nginx.conf or my certs is *my* business alone. (Also, this client doesn't need root. This is just a fancy wrapper for openssl and curl, this really, really, really doesn't need root privileges.) @rugk
@clacke yup, that's why @rugk convinced me that a short lifetime is actually a good thing to get your stuff together. But it's one thing to have assistance as letsencrypt.sh does, or doing the full blown automatic stuff. The first one assists you, the second one puts you under tutelage. And then blows up spectacularly.
@clacke I do automation for a living, so believe me when I say: Automation fails. At the wrong time. In the worst possible way. (I'm currently 10.000 km away from home because of that.) The smaller the things are that you can do manually, the bigger your problem will be. (which is why letsencrypt.sh is worth a look) @rugk
@rugk I don't want an additional client at all, since there already *is* a client for managing CSRs and X509 - it's called OpenSSL. Everything else is redundant. (And if you're concerned about OpenSSL, there are two possibilities: Fixing the bugs or switching to LibreSSL. There's simply no *point* in developing an alternative client if you don't trust your SSL lib, since it *will* have access to your key.)
@benediktg well, "let's encrypt"! 😂 (IMHO, an SSL stack that is dependent on an external tool, that's just plain wrong for me. Good thing @vinzv has gone for RapidSSL for !gnusocialde .)