In my implementation for the Conduit Matrix server, the /sync order is used for everything. The timeline is just one list that grows on one end for incoming events and on the other end for backfilled events.
I think it's important that the message order does not change, because that's very difficult to communicate to the user.
A few years ago, I started writing a Matrix client library for Kotlin. At one point, I had to make an API decision based on how messages are ordered. When I found this issue, I subscribed to it and planned on continuing with my library when the spec was clarified. Given how foundational this spec unclarity is, I thought it wouldn't take too long.
Oh that’s neat (TIL), am also working on a HS that also does this [1].
Not only does it feel like the most correct (I don’t think there is a perfect) behaviour for the user but also makes implementation much simpler. Synapse has a LOT of ordering foo and magic in the code I still don’t fully understand and I’ve gone fairly deep into synapse at times for work.
Not especially, but most websites are protected by TLS, so the problem that DNS is insecure is less of a problem. It's mainly a coordination problem, you have up get a lot of people on board to design a new DNS-SECure, and then everyone would also have to adopt it. Which they did (create DNSSEC, that is), but it has not seen the desired adoption. The other one is DoH, DNS over https. It's not without issue either though. So there are efforts, it's just a hairy coordination problem.
* The integrity of registrar accounts that are the root of trust for most DNS zones (this was, last I checked, the overwhelming source of DNS corruption attacks),
* The security of one or more DNS lookups, depending (some CAs, like LetsEncrypt, do multi-perspective lookups), and
* The WebPKI Certificate Transparency system, which tracks the issuance of all certificates that Chrome and Mozilla will accept in a public ledger.
you can get certificates for an IP, but they're rare. How it generally works is the DNS server says Google.com is at w.x.y.z IP address, your browser talks to that, it gives you a certificate, (skipping a few cryptography steps for simplicity,) you computer checks the certificate coming from Google.com as being valid, without checking w.x.y.z, and then encrypts your connection and shows the green lock icon.
If the DNS server is bad, it'll return e.v.i.l as the IP, your browser will talk to that, but it can't give a certificate that your computer thinks is valid. so your protected from accidentally logging in to a fake bank website, but also you can't access the correct bank website, so there's still a denial of service problem.
The certificate authority (CA) that gives out the certificates has to verify you own the domain that you're asking for the certificate for. One method is to look up the IP, but as that's problematic if they get the wrong IP, they usually check that from multiple places all over the world.
You can find many professional fonts in https://news.ycombinator.com/item?id=36793029, but almost all of them require expensive licenses or even monthly fees. swisstypefaces.com licenses include all formats with unlimited usage for a one-time fee.
I'm the creator of the Conduit Matrix Server open source project https://conduit.rs . I also like working with computer graphics (e.g. https://plotf.xyz ) and am interested in building optimized software with Rust.
I have a question: Why is it necessary to specify the device for every Tensor? Wouldn't it be possible to set the device once and then all allocations are made to that device?
