Simon Willison's Weblog: hasheshttp://simonwillison.net/2010-03-13T00:06:22+00:00Simon WillisonRedis weekly update #1 - Hashes and... many more!2010-03-13T00:06:22+00:002010-03-13T00:06:22+00:00https://simonwillison.net/2010/Mar/13/redis/#atom-tag
<p><strong><a href="http://antirez.com/post/redis-weekly-update-1.html">Redis weekly update #1 - Hashes and... many more!</a></strong></p>
Hashes were the big missing data type in Redis—support is only partial at the moment (no ability to list all keys in a hash or delete a specific key) but at the rate Redis is developed I expect that to be fixed within a week or two.
<p>Tags: <a href="https://simonwillison.net/tags/hashes">hashes</a>, <a href="https://simonwillison.net/tags/keyvaluestores">keyvaluestores</a>, <a href="https://simonwillison.net/tags/nosql">nosql</a>, <a href="https://simonwillison.net/tags/redis">redis</a></p>
Researchers Show How to Forge Site Certificates2008-12-30T15:27:33+00:002008-12-30T15:27:33+00:00https://simonwillison.net/2008/Dec/30/fake/#atom-tag
<p><strong><a href="http://www.freedom-to-tinker.com/blog/felten/researchers-show-how-forge-site-certificates">Researchers Show How to Forge Site Certificates</a></strong></p>
Use an MD5 collision to create two certificates with the same hash, one for a domain you own and another for amazon.com. Get Equifax CA to sign your domain’s certificate using the outdated “MD5 with RSA” signing method. Copy that signature on to your home-made amazon.com certificate to create a fake certificate for Amazon that will be accepted by any browser.
<p>Tags: <a href="https://simonwillison.net/tags/collisions">collisions</a>, <a href="https://simonwillison.net/tags/ed-felten">ed-felten</a>, <a href="https://simonwillison.net/tags/equifaxca">equifaxca</a>, <a href="https://simonwillison.net/tags/hashes">hashes</a>, <a href="https://simonwillison.net/tags/md5">md5</a>, <a href="https://simonwillison.net/tags/security">security</a>, <a href="https://simonwillison.net/tags/ssl">ssl</a></p>
Django snippets: Sign a string using SHA1, then shrink it using url-safe base652008-08-27T22:18:49+00:002008-08-27T22:18:49+00:00https://simonwillison.net/2008/Aug/27/snippets/#atom-tag
<p><strong><a href="http://www.djangosnippets.org/snippets/1004/">Django snippets: Sign a string using SHA1, then shrink it using url-safe base65</a></strong></p>
I needed a way to create tamper-proof URLs and cookies by signing them, but didn’t want the overhead of a full 40 character SHA1 hash. After some experimentation, it turns out you can knock a 40 char hash down to 27 characters by encoding it using a custom base65 encoding which only uses URL-safe characters.
<p>Tags: <a href="https://simonwillison.net/tags/base65">base65</a>, <a href="https://simonwillison.net/tags/cookies">cookies</a>, <a href="https://simonwillison.net/tags/cryptography">cryptography</a>, <a href="https://simonwillison.net/tags/django">django</a>, <a href="https://simonwillison.net/tags/django-snippets">django-snippets</a>, <a href="https://simonwillison.net/tags/hashes">hashes</a>, <a href="https://simonwillison.net/tags/python">python</a>, <a href="https://simonwillison.net/tags/security">security</a>, <a href="https://simonwillison.net/tags/sha1">sha1</a>, <a href="https://simonwillison.net/tags/signedcookies">signedcookies</a>, <a href="https://simonwillison.net/tags/urls">urls</a></p>