How/where do you keep the certificate? If you either need an app for it, or need to manually install it on your device, most users would probably be out. The benefit of my suggestion is that you need absolutely nothing except a way to authenticate with GOV.
I think that at the bare minumum, the PORN<->GOV connection must not occur. How about this (simplified):
USER visits porn site
PORN site encrypts random nonce + "is this user 18?" with GOV pubkey
PORN forwards that to USER
USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
GOV knows user is requesting, but not what for
GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
GOV returns that to USER
USER forwards that to PORN
PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
but PORN does not know anything about the user
There's probably glaring issues with this, this is just from the top of my head to solve the problem of "GOV should know nothing".
PORN site encrypts random nonce + "is this user 18?" with GOV pubkey
PORN forwards that to USER
USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
GOV knows user is requesting, but not what for
GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
GOV returns that to USER
USER forwards that to PORN
PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
but PORN does not know anything about the user
There's probably glaring issues with this, this is just from the top of my head to solve the problem of "GOV should know nothing".
Is it just me or has the number of lunatics on Lemmy really spiked in the past week? I mean, look at this guy... Or have we "finally" been discovered by the disinformation bots?
Ugh yeah, it feels like the show is making fun of Preservation, which kinda undermines the show. Contrary to what others seem to think here, in my opinion the added goofiness really detracts a lot from the show.
All the fear-mongering about exposing jellyfin to the internet I have seen on here boils down to either
"port forwarding is a bad idea!!", which yes, don't do that. The above is not that. Or
"people / bots who know your IP can get jellyfin to work as a 1-bit oracle, telling you if a specific media file exists on your disk" which is a) not an indication for something illegal, and b) prevented by the described reverse proxy setup insofar as the bot needs to know the exact subdomain (and any worthwhile domain-provider will not let bots walk your DNS zone).
(Not saying YOU say that; just preempting the usual folklore typically commented whenever someone suggests hosting jellyfin publicly accessible)
About the only thing holding me back is that my phone runs a continuous glucose monitor, constantly connecting with a small sensor in my arm. That all quietly dying in the background would just... not be an option.
Neovim, because I wanted something that would not just disappear.
I never really got along with VSCode, opting for Atom instead. Microsoft bought GitHub, which owned Atom, and promptly discontinued it.
Nvim has such an active community (and no "owner") that I'm certain that this won't happen again. At the same time, the plugin system is so flexible that I'm also certain that I will never miss out on any shiny new features.
Over the years, my config has matured, and is mine. The thought of going back to an editor, any editor, less flexible in its configuration than nvim is just... an absolute "no".
Consider this me asking