1 megabit per second? That’s lower than I anticipated, even with all the size optimizations that I implemented (or let’s
just say, all the bloat that I purposefully did not add). Same goes for CPU usage: I’ve heard so many people on the
internet complain about how expensive TLS handshakes are, yet my virtual server handles all of this with less than six
percent of a single core. It’s barely even visible on the CPU usage chart, and completely drowned out by noise on the
A month ago, danluu wrote about terminal and shell performance. In that post, he
measured the latency between a key being pressed and the corresponding character appearing in the terminal. Across
terminals, median latencies ranged between 5 and 45 milliseconds, with the 99.9th percentile going as high as 110 ms for
some terminals. Now I can see that more than 100 milliseconds is going to be noticeable, but I was certainly left
wondering: Can I really perceive a difference between 5 ms latency and 45 ms latency?
I have previously noted that I get all my TLS certificates from Let’s Encrypt, but since my usage of the client
deviates quite a bit from the standard, I figured I should take a few minutes to describe my setup.
As the first actual content on my new blog, let me tell you the story of how I went absolutely crazy.
On my private systems, I ship configuration as system packages. Every distribution has their own tooling and process for
building these packages, but I eventually grew tired of the ceremony involved in it, and wrote my own system package
compiler. Since I’m using Arch Linux everywhere, the first version generated only Pacman packages, but I
was determined to make it truly cross-distribution. The first step was support for Debian packages, which I implemented
in a mere two evenings (one for understanding the format, one for writing the generator).
Next to dpkg, the other widely deployed package format is RPM, so I set out to add support for RPM as well. If I could
write the Debian generator in two days, then surely RPM support wouldn’t take that long, either. Little did I know that
I was embarking on a multi-month endeavor (including multiple week-long breaks to restore my sanity). To add insult to
injury, I stubbornly refused to add dependencies and use existing tooling (i.e., the rpm-build(1) command). I wanted
to serialize the format directly from my own code, like I did for Pacman and Debian packages.