colmmacc

import random

def choose_unique_N(matrix):
    """Choose N elements from an N x N square matrix, such that;
        1. The elements are chosen at-random
        2. One element per row
        3. One element per column
        4. No duplicate elements
        
       Returns None if and only if there is no set of N elements 

colmmacc

import random
 
def choose_N(matrix):
    """Choose N elements from an N x N square matrix, such that;
        1. The elements are chosen at-random
        2. One element per row
        3. One element per column
    """
    assert isinstance(matrix, list)
    columns =  range( len(matrix) )

colmmacc

Original thread; https://groups.google.com/forum/#!topic/denominator-dev/aOtc4r9TLTI

Just wanted to chime in with some brief suggestions.

Routing precedence

I think the proposals are both ambiguous about the precedence applied between weighting and geo selection. Some providers support just one precedence order between weighted and geo, some support both, and obviously we can never predict what future providers may support.

Geo->Weighted as a use-case makes intuitive sense, a good example is routing everyone on the East coast of the US to a datacenter on the east coast, but then balancing load across multiple endpoints "within" that selection. I think all the providers support this precedence order today.

colmmacc

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

int main(int argc, char ** argv) 
{

colmmacc

Keybase proof

I hereby claim:

• I am colmmacc on github.
• I am colmmacc (https://keybase.io/colmmacc) on keybase.
• I have a public key whose fingerprint is AD0A 9656 5D4A 027F CF43 AD31 843C 9675 D3C0 3962

To claim this, I am signing this object:

colmmacc

#include <openssl/rand.h>

void example() {
  /* Initialize the random subsystem. generally called prior to chroot, may fail if /dev/urandom is not available. */
  RNG_init();
  
  /* alternatively,  a more future-flexible OpenSSL init that calls RNG_init() internally. Similar to SSL_library_init, but more general. */
  OPENSSL_init();
  
  /* Instantiate an RNG  */

colmmacc

Problem statement

x! = (7!)! / 7!  # solve for x

Solution

Let 7! be N. Re-express as

x! = N! / N

colmmacc

Ticket Key Rotation Proposal for s2n

What are session tickets and why do we need them?

In TLS, at a high level there are two phases: a handshake phase where asymmetric cryptography is used by two ends (server and client) to agree on a shared key, and a second phase for data transmission where that shared key is used to encrypt/decrypt data. The first phase is generally more expensive than the second; it's computationally intense to agree on a key, and it takes several network round trips to do.

colmmacc

diff --git a/tls/s2n_connection.c b/tls/s2n_connection.c
index 27a9c04..8a3f42e 100644
--- a/tls/s2n_connection.c
+++ b/tls/s2n_connection.c
@@ -206,6 +206,7 @@ int s2n_connection_wipe(struct s2n_connection *conn)
     conn->mode = mode;
     conn->config = config;
     conn->close_notify_queued = 0;
+    conn->current_user_data_consumed = 0;
     conn->initial.cipher_suite = &s2n_null_cipher_suite;

colmmacc

import sys

def factorial(n):
    if n == 0:
        return 1
    else:
        return n * factorial(n - 1)

def choose(n, m):
    return factorial(n) / (factorial(m) * factorial(n - m))