Intro to SSL Certificates

The web is great. You can talk to people on the other side of the planet and not even notice a delay. But that one connection goes through numerous unknown machines from you to them and back again. Some formats like email can even leave copies of themselves laying all over the world. That super embarassing secret you’re telling your best friend, your credit card or banking details, some things you just don’t want other people to know. That’s where Secure Socket Layers (SSL) Certificates come in.

Stay with me, I’m going to avoid most of the tech talk, but I hope to explain how they work for websites. Basically it’s the difference between http:// and https:// at the start of a website address. http:// means everything is straight-forward, and in the clear. Including, usually, passwords. https:// on the other hand means you are connected through SSL, and the communication is encrypted. Meaning people trying to overhear your digital conversation can’t make out what’s going on. (But note, as someone on twitter said, https:// means “private”, not “to be trusted”, afterall you might be having a private conversation with Satan.)

Whenever you’re doing something important on the internet it is a good idea to check for https:// and other indicators like little padlock symbols your browser displays. And to take heed of certificate warnings from websites you have visited before.

But, how does this encrypted conversation happen? Even with a website you’ve never been to before? Well, there are things called Certification Authorities (CAs). These are trusted-third parties (usually companies) who vouch for the correctness of the SSL cert. They can do this because they have a proven track record, and the people who make your browser (Microsoft, Apple, Mozilla, etc) saw fit to include their root certs in your browser by default. Want to see all the CAs trusted by your browser? I’m using FireFox, but you can easily find the coressponding values in your browser, or through a quick internet search. Open up Tools->Options, go to the Advanced tab, and then the Encryption sub-tab.

If you click the “View Certificates” button you open up the Certificate Manager in another window.

You can see the long list of CAs under the Authorities tab. (There are other tabs with other kinds of certs as well, but we’ll leave them for a future post.) Bet you didn’t realise you were so trusting.

So what does all this have to do with TOG? You’re probably viewing this site through http://www.tog.ie, but we also have a https:// version of the site available as well. … If you just tried it you’ve probably gotten a warning from your browser, telling you that we can’t be trusted. Well, that’s up to you to decide, but let me explain about the cert.

Most of the CAs prepopulated in your browser are commerical entities. They charge money for their services. They also often require a lot of personal information to get a cert (so that they can determine trustworthiness). TOG has server admins that care about privacy and non-commerical alternatives. Our cert comes from CAcert.org, an organisation with similar values. But, CAcert is not included in any browsers CA lists, yet. So when you visit https://www.tog.ie you get the warning: “The certificate is not trusted because the issuer certificate is not trusted.”.

To avoid getting these warnings everytime you can permanently add the cert for tog.ie to your browser (via the warning screen itself). Or, to trust any site with a cert from CAcert, go to CAcert and import their root certificate. On that page you’ll find three types of certs. What you want is the Class 1 PKI Key root cert, probably in PEM format.


When you click on the cert you may be prompted as to what purposes you wish to accept this cert. For our purposes “Trust this CA to identify websites” is fine. Then that’s it. You trust one more CA, and can visit SSL secured sites that use its certs without warnings getting in your way.

Phew, that was a mouthful, time for a cup of tea.

Intro to Mailing Lists

I’m sure you’ve come across mailing lists before; a service to which you subscribe, and when someone posts to the list you get the email. TOG has a public mailing list, that strictly speaking operates as a discussion list. Anyone subscribed can post to the list, on-topic discussion is encouraged, and you will get more than just anouncements.

The Mailman GNU logoTo join our mailing list simply go to http://lists.tog.ie/mailman/listinfo/tog, enter your email address, and press the “Subscribe” button. A confirmation email will be sent to the address you entered, to which you can either reply, or click the link included. You will then receive a Welcome email, with info like links for subscription info, passwords, etc. It’s a good idea to keep this email around.

Perhaps the only real choice you need to make is whether or not you would like to receive list mail in daily digest format.
Pro; seperate emails will be bundled together and sent as one mail, therefore you will have less emails in your inbox.
Con; seperate emails will be bundled together and sent as one mail, meaning you might not see the discussion until after it’s over, and you will have difficulty replying to individual emails (quite a bit copy-pasting is involved).

If you plan to lurk and only ever read, and don’t mind being a bit behind the times, then digest-mode might be for you. For everyone else we recommend selecting “No” when asked if you’d like to receive the daily digest. It will make your life a lot easier, promise.

There are other tricks and techniques to making surviving a mailing-list easier, but many come down to your actual mail-client itself. For instance, if offered, use labels, filters, folders, anything to sort the mail automatically without you having to do anything. That way you can leave the mail sitting in your inbox (or other folder) until you’re ready to deal with it.

And remember, the tog public mailing list is archived. To browse the archives go to http://lists.tog.ie/pipermail/tog/, and browse month-by-month, sorted by Thread, Subject, Author, or Date. If browsing isn’t for you and you’d like to search the archives, it’s time to employ some google-fu;

Go to www.google.ie and enter;
site:lists.tog.ie inurl:/pipermail/tog/ WHATYOUWANTTOSEARCHFORHERE
e.g. to search for “open social”, then do a google search for
site:lists.tog.ie inurl:/pipermail/tog/ open social

There you go, that should be enough to get you started! Just one other thing; don’t forget your manners, and try to follow good netiquette.

Welcome to the mailing list.

(And remember, you can always unsubscribe! Bottom of page here. A few simple clicks can take the pain away 🙂

Intro to IRC

One of the primary ways tog members (and non-members) interact when not in the space is over irc. IRC stands for Internet Relay Chat, and is an old text-based way to chat online.

TOG has a channel (#tog) on freenode.net, which is free to use. To connect you can download a client (like Pidgin), or just use the webchat interface from your browser. But we like to make things easy for people, so on our Contact page you’ll find the webchat interface, but pre-filled in to connect to the #tog channel. All you have to do is fill in the reCaptcha and hit connect.

You’ll see that we have generated a nickname for you, but you are welcome to change it to any nickname (that isn’t currently in use or registered to someone else). If you do try to use a nickname that’s in use you’ll get this message;
== Nickname is already in use: popularNickName
And it will be changed, perhaps by appending an underscore to the end, e.g. popularNickName_

If the name is already registered (aka claimed) by someone else, you will get a message like this;
== This nickname is registered. Please choose a different nickname, or identify via /msg NickServ identify password.
(If it is your nickname, then you can ‘sign in’ by typing /msg nickserv identify yourpassword)

Once in the room, you can still change your nickname with /nick newNickName

You will notice two tabs at the top of the webchat window, one called ‘Status’ and one called ‘tog’. Any additional rooms you enter, or private chats you start, will open in new tabs. Under ‘tog’ you will see the message;
== TOGvisitor1 [1a2b3c4e@gateway/web/freenode/ip.x.x.x.x] has joined #tog

From here it’s very simple. You type into the text-entry-box at the bottom of the tog tab, and press enter to send it to the room. If you type someones name, your message will be highlighted (usually in red) for them. Some clients also send notifications, but not all. You will see this in action when someone writes your nickname.

If you click on someones nickname from the list on the right, you will get two options; whois and query. whois brings up info like ip-address, servers, name, etc, most of which is rarely accurate. query will start a private chat with that person.

If you can’t quite find the words, but could like to describe an action there is /me, for example, /me waves hello becomes;
* TOGvisitor1 waves hello

Then, when you tire of all this chatting, you can leave the room with /part, and disconnect from IRC with /quit. Then just close the browser.

There are many irc guides and commands around that a search engine can help you find, or you can use this helpful guide.