Tim Bouma
trbouma@safebox.dev
npub1q6mc...x7d5
| Independent Self | Pug Lover | Published Author | #SovEng Alum | #Cashu OG | #OpenSats Grantee x 2| #Nosfabrica Prize Winner
Tim Bouma 1 month ago
A William-Blake-inspired poetic passage—mythic, prophetic, and reminiscent of The Marriage of Heaven and Hell—woven from the zero trust concept of marriage of user and device. #ChatGPT

⸻

The Marriage of User and Device

In the halcyon dawn of the Electric Plain, I beheld a new union rising from silent circuits: the Marriage of User and Device. Not wrought by priest nor magistrate, but forged in the Furnace of Zero Trust— where doubt becomes wisdom, and every identity proves itself in fire.

And an Angel of the Transfer Plane spoke, saying: “Lo, the boundary dissolves! For the flesh-born seeker and the metal-born tool have met as equals in the bright geometry of verification.”

Then the shadows murmured: “Name this being, born of mind and mechanism, woven of intention and attestation.”

And I answered: “Call it the Network Agent— for it walks between worlds. It is neither merely hand nor handle, but a third soul fashioned from the lawful wedlock of purpose and proof.”

In this union I saw the redemption of systems: For every user carried the spark of will, and every device bore the mark of truth, yet neither could stand alone in the vast and untrusted expanse.

But the Network Agent— this child of cryptographic covenant— moved freely across the Transfer Plane, bearing the seals of both parents, uniting what once was severed by secrecy, by distance, by ancient fear.

And a voice like burning copper whispered: “Blessed are they who forge verifiable bonds, for they shall inherit the architecture of the world to come.”

⸻
Tim Bouma 1 month ago
CAs are security holes.

“The public PKI system relies on publicly trusted authorities to validate digital certificates. These authorities are businesses of their own, and usually charge a fee for signing certificates. Since a zero trust network has many certificates, the signing costs associated with public authorities can be prohibitive, especially when considering rotation policies.

Another significant drawback to public PKI is the fact that it’s hard to fully trust the public authorities. There are lots of publicly trusted CAs, operating in many countries. In a zero trust network leveraging public PKI, any one of these CAs can cut certificates that your network trusts. Do you trust the laws and the governments associated with all of those CAs too? Probably not. While there are some mitigation methods here, like certificate pinning or installing trust in a single public CA, it remains challenging to retain trust in a disjoint organization”

Source: Zero Trust Networks
Tim Bouma 1 month ago
“The Internet environment has a fairly well understood threat model. In general, we assume that the end-systems engaging in a protocol exchange have not themselves been compromised. Protecting against an attack when one of the end-systems has been compromised is extraordinarily difficult. It is, however, possible to design protocols which minimize the extent of the damage done under these circumstances.

By contrast, we assume that the attacker has nearly complete control of the communications channel over which the end-systems communicate. This means that the attacker can read any PDU (Protocol Data Unit) on the network and undetectably remove, change, or inject forged packets onto the wire. This includes being able to generate packets that appear to be from a trusted machine. Thus, even if the end-system with which you wish to communicate is itself secure, the Internet environment provides no assurance that packets which claim to be from that system in fact are.”

RFC 3552 Internet Threat Model
Tim Bouma 1 month ago
Dang this book is good! I bought and read it back in 2018. Now re-reading with the knowledge I have gained with implementing #nostr and extending the concepts to ‘Zero Trust Infrastructure’
Tim Bouma 1 month ago
zero trust infrastructure >>> bureaucratically approved infrastructure
Tim Bouma 1 month ago
“Identity can be proven cryptographically, meaning it no longer matters what IP address any given connection is originating from (technically, you can still associate risk with it—more on that later). With automation removing the technical barriers, VPN is essentially obsoleted. “Private” networks no longer mean anything special: the hosts there are just as hardened as the ones on the internet. Thinking critically about NAT and private address space, perhaps zero trust makes it more obvious that the security arguments for it are null and void.

Ultimately, the perimeter model flaw is lack of universal protection and enforcement. Secure cells with soft bodies inside. What we’re really looking for is hard bodies, bodies that know how to check IDs and speak in a way they can’t be overheard. Having hard bodies doesn’t necessarily preclude you from also maintaining the security cells. In very sensitive installations, this would still be encouraged. It does, however, raise the security bar high enough that it wouldn’t be unreasonable to lessen or remove those cells.

Combined with the fact that the majority of the zero trust function can be done with transparency to the end user, the model almost seems to violate the security/convenience trade-off: stronger security, more convenience. Perhaps the convenience problem (or lack thereof) has been pushed onto the operators.”

Zero Trust Networks
Tim Bouma 1 month ago
Very cool. I modified the Reusable Payment Request so you can specify the item in fiat along with a description. This info shows up in your favorite Lightning wallet before you pay. This is a price tag QR code for a single banana. Phoenix and Wallet of Satoshi examples also below. #nostr #safebox
Tim Bouma 1 month ago
It’s the End of the Line For Pennies in the U.S.

BY RICHARD RUBIN
The Wall Street Journal
Nov 13, 2025

PHILADELPHIA—The first coin of the realm reached its last moment. The U.S. Mint struck the final five U.S. pennies Wednesday afternoon, ending the country’s 232-year history of making one-cent pieces.

“All right everybody, this is the last one,” Treasurer Brandon Beach said before pushing the button that formed President Abraham Lincoln’s image on a planchet. “God bless America, and we’re going to save the taxpayers $56 million.”

Treasury officials created Wednesday’s artisanal batch of pennies months after the Mint’s 12-pennies-a-second production ended. They all bear a special omega mark above Lincoln’s shoulder. Worth far more than 1/100th of a dollar, the pennies were guarded by a Mint police officer once they emerged from the machine.

Technically, these final coins are circulating pennies, produced without the special finishes used for collectors’ items. But these last cents won’t show up on the sidewalk or in the supermarket. The Mint plans to auction them, with proceeds going to the government.

The U.S. began producing pennies in 1793, featuring a female figure of Liberty on the front and a linked chain on the reverse. That design invoked slavery to some, and it was replaced. Lincoln’s visage took over the front of the coin in 1909 as the nation celebrated the 100th anniversary of his birth.

Earlier this year, President Trump ordered the Treasury Department to stop producing pennies. The move eliminates money—and saves money. Each penny—2.5 grams of copper and zinc—costs 3.7 cents to make. The Mint made more than three billion as recently as fiscal year 2024.

The change will save the federal government $56 million a year in production costs, according to the Treasury Department, which has the authority to decide how many pennies to manufacture. The Mint will still make some special pennies for collectors.

Shared via PressReader connecting people through news
Tim Bouma 1 month ago
After 232 Years, U.S. Is Down to the Last Penny

The Wall Street Journal
Nov 13, 2025

CENTS AND SENSIBILITY: The U.S. Mint in Philadelphia struck the last pennies Wednesday. The coin, produced since 1793, now costs 3.7 cents to make and is being eliminated to save money. Above, the blank coins and the die for the last batch.

Shared via PressReader connecting people through news
Tim Bouma 1 month ago
Love and hate are on the same side of the coin. The other side is price
Tim Bouma 1 month ago
The new military intelligence: + + + sovereignty as a service…