之前的文章中,分析过 Google 和 Cloudflare 的四层负载均衡设计,都是使用了 DSR 的模式,但是在技术细节方面根据自己的业务需求作了不同的决策。今天,我们继续来讨论一种与这两家公司都不一样的设计:美团的 MGW。| www.kawabangga.com
教科书介绍的 TCP 内容通常比较基础:包括三次握手,四次挥手,数据发送通过收到 ACK 来保证可靠传输等等。当时我以为已经学会了 TCP,但是后来在工作中,随着接触 TCP 越来越多,我发现很多内容和书上的不一样——现实世界的 TCP 要复杂一些。| www.kawabangga.com
Socat 魔法:内网穿透| www.kawabangga.com
这是上周在项目上遇到的一个问题,在内网把问题用英文分析了一遍,觉得挺有用的,所以在博客上打算再写一次。| www.kawabangga.com
K1(bandwidth)| www.kawabangga.com
This page describes all of the current and relevant historical Certification Authorities operated by Let’s Encrypt. Note that a CA is most correctly thought of as a key and a name: any given CA may be represented by multiple certificates which all contain the same Subject and Public Key Information. In such cases, we have provided the details of all certificates which represent the CA. Root CAs Our root key material is kept safely offline.| letsencrypt.org
Chrome Root Store| chromium.googlesource.com
In my last couple of posts about CAs and Root Certificates I've talked about something called Alternate Trust Paths. As a result, many people have asked me questions about how a client can use a different intermediate and/or root to the one that issued the certificate and how/why| Scott Helme
Update Feb 05, 2024 It’s been two years, and the Android compatibility cross-sign mentioned below is close to expiring. See our recent blog post for a detailed explanation of the changes coming over the course of 2024. Update September 30, 2021 As planned, the DST Root CA X3 cross-sign has expired, and we’re now using our own ISRG Root X1 for trust on almost all devices. For more details about the plan, keep reading!| letsencrypt.org