Delete   Set public   Set private   Add tags   Delete tags
  Add tag   Cancel
  Delete tag   Cancel
Daily Weekly Monthly

Daily Shaarli

Previous day
All links of one day in a single page.
Next day

May 27, 2025

Optional HTML: Everything You Need to Know · Jens Oliver Meiert
html programming
Réseaux téléphonie et internet -Passage au Très haut débit : la fin de l'ADSL au profit de la fibre optique | Service-Public.fr
internet fr 2026 news
List of "tech for good" job boards
job dev
You can style alt text like any other text - Piccalilli
css programming
Note: Peur et blessures

Mes peurs se situent rarement au bon endroit. La blessure provient presque toujours d’un ailleurs insoupçonné. — Ibid.

citation psychologie
Renoncement — David Larlet

Des notes réfléchies desquelles j'ai créé certains shaare plus récent

thoughts
JOSE (JSON Object Signing and Encryption) Framework | by mustafa halil yıldız | Apinizer | Medium

[Summary generated by ChatGPT]

The article provides an overview of the JOSE (JSON Object Signing and Encryption) framework, a family of standards for securing JSON-based data and communications. It explains the major JOSE components and how they work together.

Key Components

  • JWS (JSON Web Signature): Adds a digital signature to JSON data to ensure integrity (the data wasn't altered) and authenticity (it came from the expected sender). A JWS contains a header, payload, and signature. It does not encrypt the content, so anyone can read it.

  • JWE (JSON Web Encryption): Encrypts JSON content to provide confidentiality. The article describes the typical process: generate an encryption key, encrypt the payload, encrypt the key for the recipient, and package everything into a JWE structure containing metadata, encrypted key, initialization vector, ciphertext, and authentication information.

  • JWK (JSON Web Key): A standardized JSON representation of cryptographic keys. JWKs can represent RSA, EC, symmetric, and other key types, and include metadata such as key type, algorithm, usage, and key ID. They are used by JWS and JWE for signing, verification, encryption, and decryption. ([Medium][1])

  • JWT (JSON Web Token): A compact token format commonly used for authentication and authorization. A JWT consists of:

    1. Header (algorithm and token type)
    2. Payload (claims/data)
    3. Signature (verification data)
      JWTs allow systems to securely transmit user identity and permissions without repeatedly querying a database. The article emphasizes that JWTs should still be used over secure channels such as HTTPS.

  • JWA (JSON Web Algorithms): Defines the cryptographic algorithms used by JWS and JWE for signing, encryption, and key management.

Security Goals Addressed by JOSE

The framework is designed to support four common security objectives:

Objective Provided By
Integrity JWS
Authenticity JWS
Confidentiality JWE
Non-repudiation Primarily via digital signatures

([Medium][1])

JWE vs. HSM

The article briefly compares JWE with Hardware Security Modules (HSMs):

  • JWE protects data in transit through encryption.
  • HSMs are physical devices that securely store and manage cryptographic keys and perform cryptographic operations.
    They solve different security problems and are often complementary.

Main Takeaways

  • Use JWS when you need proof that data has not been modified.
  • Use JWE when the data must remain secret.
  • Use JWK to exchange and manage cryptographic keys in a standardized format.
  • Use JWT to package claims or identity information in a compact, signed (and optionally encrypted) token.
  • JOSE provides interoperable, language-agnostic standards that are widely adopted across industries for secure API and application communication.

In one sentence: JOSE is a toolkit of standards that lets developers sign, encrypt, manage keys, and securely transmit JSON-based information in a consistent and interoperable way.

chiffrement json programming
Write HTML, the HTML Way (Not the XHTML Way) · Jens Oliver Meiert
html programming
Security Vulnerabilities fixed in Firefox 139 — Mozilla

Update ASAP to Firefox 139

security news firefox
Google Decided Against Offering Publishers Options in AI Search - Bloomberg

Sounds like a mafia:

  • you will exist in Google search results but the content is given to Google's AI
  • or you won't
google
The magic developer wand... | Go Make Things

Do not accept “we’ll figure that out later” as a response to pointing out meaningful problems. It’s a con.

Solve the problems or abandon the project.

citation dev
Note: Tester la confiance

On ne peut jamais savoir qui sont nos véritables ennemis avant de leur avoir fait confiance. — Frappabord, Mireille Gagné

citation psychologie
A Quick Guide to Everything I Know about Webmentions
webmention POSSE Mastodon bluesky
Grandeurs et unités - système d'unités pifométriques
vocabulaireFr pdf
The Magic of the Most Minimal HTML Possible (and Why We Don’t Make Use of It) · Jens Oliver Meiert
html thoughts
Firefox 139 accélère sur le HTTP/3 - Next

De meilleurs performances en HTTP/3.

Le fond d'écran de la nouvelle page d'onglet peut aussi être personnalisé.

10 failles de sécurité corrigés.

firefox news 2025
CSS Minecraft
css project game
Google’s AI Is Burying the Web Alive

We're about to reach the ultimate stage: after massively rotting the web with centralized silos in which they locked up their users before monetizing them, Silicon Valley's billionaires finally don't really want you to go and read the web they've ingested, and prefer you to talk to their AIs. That way, you'll never leave their website.

I think Google knows very well that traditional search is dead, because of SEO and AI. There's no way to give "good" results anymore, because you can't tell if a site is legitimate or just an AI creation.
Since everything that's produced is no longer discernible from AIs, they might as well serve the content themselves: at least they control the AI. Paradigm shift:
"Users only use the first page of Google results"
to "Users only use Google."

web google