SSL by default

joeyrobert.org is now completely SSL by default. Because TLS is fast enough and StartSSL offers free SSL certificates, I've decided to switch this domain, as well as a few others, to SSL. I think all sites should be switched to SSL by default and that security shouldn't be a feature but a necessity. I'm particularly interested in the arrival of Let's Encrypt, a free automated certificate authority from Mozilla, the Electronic Frontier Foundation and others. Such a service should remove all barriers to entry for everyone to make the switch.

GnuPG and Keybase.io

In other security updates, I've recently started using Keybase.io to verify my social media accounts and host my GnuPG public key. While there have been some detractors from the Keybase.io service, I think fundamentally the founders of Keybase have done their due diligence and it feels like a very well designed system. I opted to not host my private key on their servers, so I only need to rely on my security rather than the security of a third party. This seems to be a trend in my thinking where I would prefer to rely only upon myself rather than the Cloud for hosting my data.

You can download my public key from here or here. Fingerprint: 8603 8B3C 3BE1 5587 1E31 42C7 5C54 64B0 A9E6 B2EE. Any secure communication to me should be encrypted with this key at your discretion.