authnopuz's comments

authnopuz · 2026-03-09T17:06:02 1773075962

One of the Co-Authors here

There are two elements here. Agent can start a full authorization request with AS through authorization code grant flow, even requiring a step-up or some rich authorization details, therefore whatever OTP by SMS or Magic link is an AS - Subject/Client "problem".

For Agent that cannot start a full authorization request (too costly, to complex, subject directly unreachable at the moment), we have a mention to OpenID Connect CIBA into it. With it, the Agent will start a back channel authorization request with the AS and the AS will use a method of authentication / confirmation with the subject in front channel, for example sending a SMS or sending a link to click. Again the resolution will remain an AS - Subject/Client "problem".

authnopuz · 2025-11-19T03:13:07 1763521987

Nightfall by Asimov was a 7 bodies problem - https://en.wikipedia.org/wiki/Nightfall_(Asimov_novelette_an...

authnopuz · 2025-11-19T03:16:04 1763522164

And to be fair, Liu Cixin's book is a 4 bodies problem :)

Cthulhu_ · 2025-11-19T08:47:08 1763542028

This made me irrationally annoyed, lol. But that was only the start (I've only seen the TV show though)

adastra22 · 2025-11-19T09:05:57 1763543157

Seriously there was so much wrong with that book.

hermitcrab · 2025-11-19T13:58:16 1763560696

There was a lot right with it as well IMHO. It was very original (I've only read the first book so far).

adastra22 · 2025-11-19T16:00:15 1763568015

To each their own, I suppose.

authnopuz · 2025-09-10T13:40:56 1757511656

hug of death? I fear the temperature will get very high in his laundry room

DannyBee · 2025-09-10T13:48:06 1757512086

I'm sure it depends on how much laundry he is doing - his dryer is probably heated entirely by servers.

He can then exhaust the remaining server heat through the dryer vent stack.

debo_ · 2025-09-10T14:29:33 1757514573

Keep going. I love dry humor.

egberts1 · 2025-09-10T19:33:38 1757532818

Its dryer sheets soften the soul.

ArekDymalski · 2025-09-10T15:32:02 1757518322

Untill the exhaust starts "Feeling leaky" I guess.

robofanatic · 2025-09-10T14:27:12 1757514432

Might not even need a dryer :-)

ape4 · 2025-09-10T14:39:53 1757515193

Change it to a sauna?

doublerabbit · 2025-09-10T19:14:12 1757531652

I thought of this a whole ago when I was a Datacentre monkey. In the winter it was pleasant to walk down the hot aisles.

However the exhausted hot air never had the same feel of a sauna. It left the air stale and dry.

authnopuz · 2025-09-10T13:37:41 1757511461

https://archive.is/HA7y4

authnopuz · 2025-06-07T04:25:18 1749270318

The authentication section is very bizarre, the Agent should go through an OAuth(2?) process to finally access server through an API Key? That sounds more painful than bringing a better state of security...

authnopuz · on Feb 20, 2025

Man, we all have been bluffed by this scene

authnopuz · on Feb 4, 2025

Another good source of NHI definitions, concepts, and threats https://nhimg.org/the-ultimate-guide-to-non-human-identities

authnopuz · on Dec 12, 2024

If you consider the newest rfc9068: https://datatracker.ietf.org/doc/html/rfc9068 for JWT profiled Access Token, the list of discrepancies is even longer.

authnopuz · on Dec 12, 2024

Hear. This one! So many of customers have been stabbed in the back with this one