137 lines
6.1 KiB
TeX
137 lines
6.1 KiB
TeX
% =========================================================================== %
|
|
% Encoding: UTF-8 (žluťoučký kůň úpěl ďábelšké ódy)
|
|
% =========================================================================== %
|
|
|
|
\listofappendices
|
|
|
|
\priloha{List of supplemental material}\label{appendix:supplementalmaterial}
|
|
\n{2}{Git signing keys}\label{appendix:signingkeys}
|
|
File name: \texttt{gitsign.pub}\\
|
|
Blake3:\\
|
|
\texttt{af0f319aecd3ca1d1d4002ebd4ebd5f93e6030551a91f3e09664995340208c85}\\
|
|
SHA3-256:\\
|
|
\texttt{8cab97c322c26369437ba365159b14ac4b829056c8974c671fdc57bcba8f518b}\\
|
|
File name: \texttt{surtur.pub}\\
|
|
Blake3:\\
|
|
\texttt{0000000000000000000000000000000000000000000000000000000000000000}\\
|
|
SHA3-256:\\
|
|
\texttt{0000000000000000000000000000000000000000000000000000000000000000}\\
|
|
|
|
\n{2}{ZSTD-compressed tarball of the PCMT source code repository}
|
|
Note: Also contains the git history.\\
|
|
File name: \texttt{pcmt.git.tar.zst}\\
|
|
Blake3:\\
|
|
\texttt{cdc90fb4337150edd6e60bd15a9e35affd67b7ca7e5cc83ef985b8d159ff0fae}\\
|
|
SHA3-256:\\
|
|
\texttt{2cb670cc7ff9b4863f665f329d98a56f6999ae8bdb8f7313b58fb3400ba4f530}\\
|
|
|
|
\n{2}{ZSTD-compressed tarball of the PCMT configuration schema repository}
|
|
Note: Also contains the git history.\\
|
|
File name: \texttt{pcmt-config-schema.tar.zst}\\
|
|
Blake3:\\
|
|
\texttt{6e76f36b05ed953d72d94c8af343e6ac7b572f937a4c0c9deffd0a6eaee5c1a7}\\
|
|
SHA3-256:\\
|
|
\texttt{31604659e8c8624dbcf1f424ae5b9266b39f583c58922ddd24c4611d335c6bbf}\\
|
|
|
|
\n{2}{ZSTD-compressed tarball of the \LaTeX{} sources of this thesis}
|
|
Note: Also contains the git history. The hash digest of this file is omitted to avoid chicken-egg problem when wishing to include its digest here.\\
|
|
File name: \texttt{pcmt-latex-thesis.tar.zst}\\
|
|
|
|
\n{2}{\texttt{gobuster} fuzzing logs}\label{appendix:gobusterFuzzingLogs}
|
|
Note: A ZSTD-compressed archive of the logs.\\
|
|
File name: \texttt{b3sums}\\
|
|
Blake3:\\
|
|
\texttt{0000000000000000000000000000000000000000000000000000000000000000}\\
|
|
SHA3-256:\\
|
|
\texttt{0000000000000000000000000000000000000000000000000000000000000000}\\
|
|
|
|
\n{2}{\texttt{BLAKE3} checksums}\label{appendix:b3sums}
|
|
Note: A list of \texttt{BLAKE3} checksums for the supplementary material
|
|
(excluding the checksum files). Check using \texttt{b3sum -c b3sums}.\\
|
|
File name: \texttt{b3sums}\\
|
|
Blake3:\\
|
|
\texttt{daa4db44f45c68530712765a0ba8b424faa4dfab89b86ef6219988df5918d13c}\\
|
|
SHA3-256:\\
|
|
\texttt{367fa727c7e83710997894959c4d184903a6615a35c0a0756ce25a98c88323f2}\\
|
|
|
|
\n{2}{\texttt{SHA3-256} checksums}\label{appendix:sha3-256sums}
|
|
Note: A list of \texttt{SHA3-256} checksums for the supplementary material
|
|
(excluding the checksum files). Check using \texttt{sha3-256sum -c sha3-256sums}.\\
|
|
File name: \texttt{sha3-256sums}\\
|
|
Blake3:\\
|
|
\texttt{28471bea5c5a0d6a6cce98172b8a22dc9024801c37ce119eb9b12e74b92f1c58}\\
|
|
SHA3-256:\\
|
|
\texttt{66ebbdb20b5459360368d29615e6e80f36bcf464d5519ca08ae651f27a8970bf}\\
|
|
|
|
|
|
\priloha{Whys}\label{appendix:whys}
|
|
|
|
This appendix is concerned with explaining why certain technologies were used.
|
|
|
|
\n{2}{Why Go}\label{appendix:whygo}
|
|
|
|
First, a question of \textit{`Why pick Go for building a web application?'}
|
|
might arise, so the following few lines will try to address that.
|
|
|
|
Go\footnotemark{}, or \emph{Golang} for SEO-friendliness and disambiguating Go
|
|
the ancient game, is a strongly typed, high-level \emph{garbage-collected}
|
|
language where functions are first-class citizens and errors are values.
|
|
|
|
\footnotetext{The Go programming language (\url{https://go.dev})}
|
|
|
|
The appeal for the author comes from a number of features of the language, such
|
|
as built-in support for concurrency and unit testing, sane \emph{zero} values,
|
|
lack of pointer arithmetic, inheritance and implicit type conversions,
|
|
easy-to-read syntax, producing a statically linked binary by default, etc., on
|
|
top of that, the language has got a cute mascot. Thanks to the foresight of the
|
|
Go Authors regarding \emph{the formatting question} (i.e.\ where to put the
|
|
braces, \textbf{tabs vs.\ spaces}, etc.), most of the discussions on this topic
|
|
have been foregone. Every \emph{gopher}\footnote{euph.\ a person writing in the
|
|
Go programming language} is expected to format their source code with the
|
|
official formatter (\texttt{gofmt}), which automatically ensures that the code
|
|
adheres to the one formatting standard. Then, there is \emph{The Promise} of
|
|
backwards\footnotemark{} compatibility for Go 1.x, which makes it a good choice
|
|
for long-term without the fear of being rug-pulled.
|
|
|
|
\footnotetext{Now there is also the promise of \emph{forward compatibility}
|
|
(\url{https://go.dev/blog/toolchain})}
|
|
|
|
\n{2}{Why Nix/devenv}\label{appendix:whynix}
|
|
|
|
Nix (\url{https://builtwithnix.org/}) is a functional programming language
|
|
resembling Haskell and a declarative package manager, which has been used in
|
|
this project in the form of \texttt{devenv} tool (\url{https://devenv.sh/}) to
|
|
create \textbf{declarable} and \textbf{reproducible} development environment.
|
|
The author has previously used Nix directly with \emph{flakes} and liked
|
|
\texttt{devenv}, as it effectively exposed only a handful of parameters for
|
|
configuration, and rid of the need to manage the full flake, which is of course
|
|
still an option for people who choose so. See \texttt{devenv.nix} in the
|
|
repository root.
|
|
|
|
|
|
\priloha{Terminology}\label{appendix:terms}
|
|
|
|
\n{2}{Linux}
|
|
|
|
The term \emph{Linux} is exclusively used in the meaning of the
|
|
Linux kernel~\cite{linux}.
|
|
|
|
\n{2}{GNU/Linux}
|
|
|
|
As far as a Linux-based operating system is concerned, the term ``GNU/Linux''
|
|
as defined by the Free Software Foundation~\cite{fsfgnulinux} is used. While it
|
|
is longer and arguably a little bit cumbersome, the author aligns with the
|
|
opinion that this term more correctly describes its actual target. Being aware
|
|
that there are many people who conflate the complete operating system with its
|
|
(be it core) component, the kernel, the author is taking care to distinguish
|
|
the two, although writing from experience, colloquially, this probably brings
|
|
more confusion and a lengthy explanation is usually required.
|
|
|
|
\n{2}{The program}
|
|
|
|
By \emph{the program} or \emph{the application} without any additional context
|
|
the author most probably means the Password Compromise Monitoring Tool program.
|
|
|
|
|
|
% =========================================================================== %
|