Correct CRL and OSCP URIs along the certificate chain

Only due to private interests and the use in my own network, I create a certificate chain with openssl (root certification body → intermediate certification body → server certificate). I want the certificate chain to be traceable and to be able to revoke certificates.

At the moment, I'm not sure which CRL distribution points (crlDistributionPoints in openssl configuration language) and OSCP URIs (authorityInfoAccess = OCSP;URI: ... and authorityInfoAccess = OCSP;caIssuers: ...) are the correct ones that have to be defined when creating a certificate. When I examine the certificates of some public websites, the following seems the right way to me. Would you please check if I'm right?

Root CA certificate:

  • CRL: Root CA CRL or none at all
  • OCSP-URI: OCSP-URI of the root certification authority or none at all
  • CA issuer: URI of the root CA certificate or none at all

CA intermediate certificate:

  • CRL: Root CA CRL
  • OCSP-URI: OCSP-URI of the root certification authority
  • CA issuer: URI of the root certification authority

Server certificate:

  • CRL: Intermediate CA CRL
  • OCSP-URI: OCSP-URI of the intermediate CA *)
  • CA issuer: URI of the intermediate CA.

*) It appears that an OCSP responder can process OSCP requests for the root and the intermediate CA. If so, I could use the root certification authority's OSCP URI, right?

Therefore, all certificate data "one level higher" must point to the place where their own validity can be checked. Is that correct?

And by the way, is there an OCSP responder that you can recommend? I tried openssl & # 39; s own and that of openca, but both had drawbacks for me.

Thanks in advance!

php – correct use of an interface if two different classes are valid as parameters?

I wrote a small tournament platform in one of my projects, but dealing with participants is a bit chaotic and I want to clean it up.

In my case, a tournament can have participants, but either a user or a team can log in to become a participant. A participant now has a user ID or team ID in the database. Depending on which one is filled in, I determine whether a user is linked to the participant or whether it is a team.

I rewritten the registration part of my tournament model to accept both a user and a team as parameters via an interface and wondered if this was the right way to go.

ICandidate.php

interface ICandidate
{
    public function getName();
    public function hasCorrectGamesSet($tournamentGame);
}

User.php

class User implements ICandidate
{
    private $game;

    public function __construct($game)
    {
        $this->game = $game;
    }

    public function getName()
    {
        return 'Username';
    }

    public function hasCorrectGamesSet($tournamentGame)
    {
        if($this->game != $tournamentGame){
            throw new Exception('Incorrect name');
        };

        return true;
    }
}

Team.php

class Team implements ICandidate
{
    private $users;

    public function __construct($users)
    {
        $this->users = $users;
    }

    public function getName()
    {
        return 'Teamname';
    }

    public function hasCorrectGamesSet($tournamentGame)
    {
        foreach($this->users as $user){
            $user->hasCorrectGamesSet($tournamentGame);
        }
    }
}

Participant.php

class Participant
{
    private $name;
    private $class;

    public function setName($name)
    {
        $this->name = $name;
    }

    public function setClass($class)
    {
        $this->class = $class;
    }
}

Tournament.php

class Tournament
{
    private $participants;
    private $game;

    public function __construct($game)
    {
        $this->game = $game;
    }

    public function signUp(ICandidate $candidate)
    {
        $candidate->hasCorrectGamesSet($this->game);

        $participant = new Participant();
        $participant->setName($candidate->getName());
        $participant->setClass(get_class($candidate));

        $this->participants() = $participant;
    }

    public function getParticipants()
    {
        var_dump($this->participants);
    }
}

With this set, I can register a user or a team, do a little review and, if successful, add them as a participant to the tournament.

logic

$tournament = new Tournament('fifa');

$user1 = new User('fifa');
$user2 = new User('fifa');
$user3 = new User('fifa');
$user4 = new User('fifa');

$team = new Team(($user2, $user3, $user4));

$tournament->signUp($user1);
$tournament->signUp($team);

$tournament->getParticipants();

Is this a correct way to implement this and use the interface?

Database design – is it correct to have status or summary columns in the parent table or should another approach be used?

My parent table is the Jobs table, and there is a child table that records the actions of Job named JobActions as follows:

Jobs (Job ID, JobType, CurrentStage, AssignedTo)

JobActions (JobActionId, Job ID, CreateDate, ActionType, FromUserId, ToUserId, message, detail)

In my grid on the website I list grid columns as follows:

JobId, CreateDate, CurrentStage, AssignedTo, LastActionType, LastActionDate, …

In the grid for calculating the following columns, I use links to the subordinate table (very slow if there are many users and lots of data).

CreateDate ==> First (or minimal) CreateDate from JobActions,

LastActionType ==> ActionType of the last JobActions,

LastActionDate ==> CreateDate of the last (or maximum) JobActions

I have about five columns like this that require a lot of links to JobActions or other tables. So I decided to change the job table as follows:

Jobs (Job ID, JobType, CurrentStage, AssignedTo, CreateDate, LastActionType, LastActionDate)

The last three columns are updated whenever a job action is added to JobActions.

  • Question 1: Is this a correct version (am I denormalized my tables?)
  • Question 2: Should I use triggers for this type of job or should I update it from my code?
  • Question 3: is this the best course of action? Is there a better solution to these types of problems?

Penetration test – correct use of the FakeIKEd tool (fiked) (IPSec attack)

I'm studying IKEv1 + XAUTH + Aggressive Vulnerabilities and found the fiked tool that preshared and group ID knowledge can steal user credentials.
I'm trying to use this tool, but it doesn't work and I can't explain why.
This is my setup:

  • A server in the Docker container (IP 192.168.206.1 in VMnet8)
  • A Fedora virtual machine that works as a client (IP 192.168.206.128 in vmnet8)
  • A virtual Kali machine (IP 192.168.206.133 in VMnet 8)

What I do about potash:

  • Enable IPv4 forwarding
  • arpspoof -i eth0 -t 192.168.206.128 192.168.206.1
  • fiked -g 192.168.206.1 -k group: IpsecVpnPsk -l account.log -L fiked.log

Then I try to connect from the client and it succeeds, but I can't find anything in the log.
Can someone help me understand why and how fiked works?

SP 2013 – What is the correct syntax to add the results of two or more If statements?

I want to create a "scorecard" where the user simply selects "yes" or "no" for each field in the list. Then I would like to assign a point value to "Yes" or "No" and add the point values ​​in a calculated "Total" field call.

"No" values ​​are always zero (0). Here is one of my many iterations – all of which fail:
= (IF ((CEU Completion QTR 1) = "yes", 5.0)) +
(IF ((CEU Completion QTR 2) = "yes", 5.0))

The fields (CEU Completion QTR 1) and (CEU Completion QTR 2) are yes / no fields (check boxes). There are other fields, but when I resolve them, I know how to add the other fields. I know there is a limit of 7 nested fields. I have 14 fields that I need to assign a point value to and add up to a total to avoid more than 7 nested If statements – advice is welcome.

Education – Displays the percentage of users who received a correct / incorrect answer in a quiz

I'm building an educational app and wanted to try increasing engagement to show the percentage of people who chose each question option after the user answered.

Here is an example if my description was not clear.

Question options:

Enter the image description here

After answering the question correctly:

Enter the image description here

After answering the question incorrectly:

This is just a short model, but I wonder if that would encourage or discourage users. Would it increase engagement?

If I don't find an answer, I could try and test A / B and report back, but I was curious to see if anyone had already gone through this.

Even if you know of other case studies for educational quiz apps, that would be great !!

Stay safe, all of you :-]

java – Toolkit.getDefaultToolkit (). getScreenSize () does not get correct values ​​for the screen resolution

I have a problem with this method:

Toolkit.getDefaultToolkit().getScreenSize()

I encode an application in Java with Swing that must be compatible with any screen resolution as it is an application for desktop and mobile devices. I've read how to get the screen resolution, and all refer to this method. I've used it and it works fine for my recommended screen resolution (1920 x 1080), but I've found that sometimes when I change the screen resolution of my monitor (I'm working on a laptop) the method does not get the correct screen resolution (and yes, I confirm the changes when I change the screen resolution in the Windows configuration).

I read about the method, but I realized that it is not useful for what I'm trying (I think):

Toolkit.getDefaultToolkit().getScreenResolution()

My curiosity prompted me to check the method's retrieved values Toolkit.getDefaultToolkit().getScreenSize() and I made this table:

Screen configuration - IntelliJ value

My question here is how can this be possible? Is this a mistake or is there anything left to do to always get the right screen size? I don't understand why I don't always get the right values

Website Design – Toggle Switch Position Correct?

The control should clearly tell the user where to click / swipe and what the result will be.

Take these iOS switches for example:

IOS style controls

Side by side, a user can easily see which setting is activated and which is deactivated. However, if you observe how users interact with them (especially if they are all in the same state or only one exists), you will find them pausing to consider how to change the setting.

Apple deliberately preferred the style of usability (similar to the invisible scroll bars of Mac OS). Once you've learned it, control is obvious, but the beginner has to pause.

If you embed the "value" directly in the control, you are giving a style in the name of clarity. This is less sexy than the iOS example, but the user will understand at a glance what is expected.

In the following example, I reversed the most common position (on right), but nobody will be confused.

I also used a common "positive" color for on. Your use of red for breaks with conventions in a way that can further confuse the user.

Toggles with embedded check and X symbols

* UPDATE * In response to the commentators' observations, I took a second look at my short mock. I think this does a better job of showing the condition. Thanks for the criticism!

Another purely anecdotal finding from me: position the setting label on the left and the control element on the right. This enables the user to scan the label before worrying about the status of the control.

Focus – let's see if my view of the moon illusion is correct

Let's see if my view of the moon illusion is correct:

Enter the image description here

The real cause of the moon illusion?

As shown in the figure, the blue line is the lens, w is the height of the object, x is the height of the image, v is the image distance, u is the object distance and f is the focal length. The red line is the light path.
The relationship between u, v, f is

1 / u + 1 / v = 1 / f

and so

f = uv / (v + u) (1)

The observer's eyes are constant, so v is fixed. The distance between the observer and the object is constant, so u is also fixed. As soon as v and u are fixed, it can be known from equation (1) that f is also fixed. If v is fixed and u decreases, f also decreases.

Knowledge from similar triangles:

x / w = (v-f) / f = v / f-1

and so

x = w (v / f-1) (2)

According to formula (2), x increases when v and w are fixed, when f decreases.

If the observer observes the moon on the horizon due to the influence of mountains and trees, f is smaller than when observing the moon at the zenith. According to formula (2) we can know that x increases as f decreases. The viewer will feel that the moon is larger and closer on the horizon than the moon at the zenith.

I think that's the reason for the moon illusion.

Simple calculation

If you look at nearby trees with your eyes:

u = 200 m (assuming 200 m from the tree)

v = 0.024 m (eyeball diameter, assumed image length)

w = 10 m (provided the tree is 10 m high)

f = uv / (v + u)
= 0.0239971 m

x = w (v / f-1)
= 0.0012 m = 1.2 mm (height of the tree picture)

When you look at the zenith moon (without the influence of trees on the ground) with your eyes:

u = 380000000 m (distance from the observer to the moon)

v = 0.024 m

w = 3476000 meters (diameter of the moon)

f = uv / (v + u) = A (we set this focal length to A)

x = w (v / f-1)
= 0.000219537 m = 0.219537 mm

If you observe the moon towards the horizon with the focal length of the observation tree:

f = 0.0239971 m

x = w (v / f-1)
= 420.067 m

The observation of the moon image on the zenith is 0.219537 mm, and the observation of the moon image on the horizon is 420.067 m, which shows a big difference between the two. So if you use a focal length less than A, the moon will be "enlarged".

Of course, the eyes do not generally observe the moon with a focal length of 0.0239971 m. Because the picture may not be clear. If the image of the moon is not clear at this focal length, the eyes adjust the focal length. Set a focal length that is clear for imaging. This focal length is less than A, but it is the focal length for clear imaging. Since the moon is far away, the depth of field of the moon imaging is very large. Therefore, there is a focal length that is smaller than A and can reproduce clearly. The moon illusion is therefore caused by a relatively short focal length. I think that's why the moon illusion.

reference

https://en.wikipedia.org/wiki/Moon_illusion

magento2 – Magento 2 with Page Builder: How to get correct HTML tags

I recently upgraded from 2.2.5 to 2.3.4

As I can see, CMS blocks now have a page builder. My block data was migrated correctly:

My Custom Title

However, when I press Save, I notice that additional HTML is added:

My Custom Title

As you can see, the symbols for opening and closing are encoded < and >

I still usually call the blocks

$this->getLayout()
->createBlock('MagentoCmsBlockBlock')
->setBlockId('your_block_identifier')
->toHtml();

However, the tags are not converted back correctly. What can I do to ensure that the HTML tags are called correctly?