HTC G1 android phone and tele2

Hardly surprising the G1 works perfectly also in sweden. To configure for tele2 I only configured five items in the APN configuration.
- Name: Tele2
- APN: internet.tele2.se
- MMSC: http://mmsc.tele2.se
- MMS proxy: 130.244.202.30
- MMS port: 8080
After this this phone works like a charm. Buying the phone from google was easy and delivery was fast, only a week.
Now all we have to do is run EJBCA on the phone :-)

To re-encode movies to show on the phone (using cinema app for example) do this on Ubuntu:
- apt-get install avidemux, and start avidemux. Avidemux works great as a mobile media encoder.
- Open the file you want to convert.
- In Video dropdown select MGEG-4 ASP (lavc).
- Click Configure->Encoding Mode->Single pass - bitrate, enter 384 kb/s and click ok.
- Click Filters, double click MPlayer resize, width 480, height 320, click OK then close.
- In Audio dropdown select AAC (FAAC).
- Click Configure and select bitrate 96.
- In Format dropdown select MP4.
- Finally click Save and enter the new filename with .mp4 ending.

Now just make sure you copy the file to sdcard intact.

Zepto Nox A15 and Ubuntu 8.10

On my new Zepto Nox A15 most things work out of the box, except suspend to ram (hibernate works) and screen brightness. I blame the nvidia proprietary driver for this...

This is what I did to get screen brighness settings to work:
-----
First check out the latest nvclock source code:
> cvs -d:pserver:anonymous@nvclock.cvs.sourceforge.net:/cvsroot/nvclock login
> cvs -z3 -d:pserver:anonymous@nvclock.cvs.sourceforge.net:/cvsroot/nvclock co -P nvclock
> cd nvclock
> gedit src/backend/nv50.c
change line 331 from:
if((nv_card->subvendor_id == PCI_VENDOR_ID_SONY) && nv_card->gpu == MOBILE)
to
if(nv_card->gpu == MOBILE)
> ./configure --prefix=/usr
> make
> sudo make install
> sudo cp src/smartdimmer /usr/bin/smartdimmer

Now we have the command so fix up hal so it calls nvclock when the brightness keys on the keyboard are pressed:
> sudo gedit /usr/lib/hal/scripts/linux/hal-system-lcd-set-brightness-linux

if [ -w "$HAL_PROP_LINUX_SYSFS_PATH/brightness" ]; then
echo "$value" > $HAL_PROP_LINUX_SYSFS_PATH/brightness
if [ "$HAL_PROP_LAPTOP_PANEL_ACCESS_METHOD" = "general" ]; then
# if nvidia nvclock command exists, try to use it
if command -v nvclock &>/dev/null
then
#echo " Yes, command :nvclock: was found."
foo="$(((($value +1)*10)+5))"
nvclock -S $foo
fi
fi
exit 0
fi
-----

Done. Now if only suspend would work it would be perfect.
I also have some slight problems with sound settings (volume up/down) that worked at first but not anymore...

Oh I forgot to say...EJBCA works perfect!

EJBCA 3.8.0 released

EJBCA 3.8.0 have a whole range of fixes. One of the most interesting is the improvements in the authorization module, making it much easier to configure administrators and allowing you to use externally issued certificates as administrator certificates (for example from a national id).
This will hopefully get rid of most questions posted asking about problems configuring new administrators.

See http://ejbca.org/ for the download and full changelog.

News was published on Serverside.com.

Simple Certificate Archival solution

Introduction

From syscheck 1.2 and on there is a script-based archival solution.

New and revoked certificates are stored on local disk in a file-tree and optional remote SSH server.

syscheck svn: https://ejbca.svn.sourceforge.net/svnroot/ejbca/trunk/syscheck/

Setup of publisher

Go to: EJBCA Adminweb → ”Edit Publishers” → Add new name: ”Archival publisher”

Select/ enter the following:


Publisher Type: ”Custom Publisher”

Class Path: ”org.ejbca.core.model.ca.publisher.GeneralPurposeCustomPublisher”

Properties of Custom Publisher:

crl.application /path/to/syscheck/related-enabled/902_export_crl.sh

crl.failOnStandardError true

crl.failOnErrorCode true

cert.application /path/to/syscheck/related-enabled/900_export_cert.sh

cert.failOnStandardError true

cert.failOnErrorCode true

revoke.application /path/to/syscheck/related-enabled/901_export_revocation.sh

revoke.failOnStandardError true

revoke.failOnErrorCode true

Use the publisher on CA:s

Go to: EJBCA Adminweb → ”Edit Certificate Authorites”

Select the CA you want CRL archival on, then click on edit CA

At ”CRL Publishers”:

Select ”Archival publisher”

Do this for all CA:s you want CRL Archival for.

Use the publisher on Certificate profile:s

Go to: EJBCA Adminweb → ”Edit Certifcate Profiles”

At: ”Publishers”

Select ”Archival publisher”

Do this for all Certificate profiles:s you want Certifcate Archival for.

Presentation from FSCONS

Johan and Tham went to FSCONS 2008 and presented "Secure communication with open source PKI". It's a basic introduction to PKI and a demonstration of email-signing, Apache client cert authentication and using certs in OpenVPN.



Direct link to the video (use VLC to play it if it doesn't work).

The presentation slides.

EJBCA and BouncyCastle on OSOR.eu eID/PKI/eSignature Community Workshop

I will present a "Lightening talk" on the OSOR.eu eID/PKI/eSignature Community Workshop in Brussels on the 13th of November 2008. The talk will be a short one describing experience from both the BouncyCastle and the EJBCA projects regarding open source usage in the EU. The hope is to give some input what the EU can do to help, or not to discriminate, open source projects/products.
The BouncyCastle part is made by David Hook of Lockboxlabs.

Presentation from Open Standards Forum

You can read and view my presentation from Oasis Open Standards Forum that took place in London in the beginning of October. The event was very interesting, a lot is happening in the standardization and technology arena.

Presentation slides.

Presentation movie (73MB).