| Sep | OCT | Nov |
| 07 | ||
| 2019 | 2020 | 2021 |
COLLECTED BY
Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
History is littered with hundreds of conflicts over the future of a community, group, location or business that were "resolved" when one of the parties stepped ahead and destroyed what was there. With the original point of contention destroyed, the debates would fall to the wayside. Archive Team believes that by duplicated condemned data, the conversation and debate can continue, as well as the richness and insight gained by keeping the materials. Our projects have ranged in size from a single volunteer downloading the data to a small-but-critical site, to over 100 volunteers stepping forward to acquire terabytes of user-created data to save for future generations.
The main site for Archive Team is at archiveteam.org and contains up to the date information on various projects, manifestos, plans and walkthroughs.
This collection contains the output of many Archive Team projects, both ongoing and completed. Thanks to the generous providing of disk space by the Internet Archive, multi-terabyte datasets can be made available, as well as in use by the Wayback Machine, providing a path back to lost websites and work.
Our collection has grown to the point of having sub-collections for the type of data we acquire. If you are seeking to browse the contents of these collections, the Wayback Machine is the best first stop. Otherwise, you are free to dig into the stacks to see what you may find.
The Archive Team Panic Downloads are full pulldowns of currently extant websites, meant to serve as emergency backups for needed sites that are in danger of closing, or which will be missed dearly if suddenly lost due to hard drive crashes or server failures.
Collection: Archive Team: The Github Hitrub
The Delegated Account Recovery Rigid Reusable Ruby (aka D.a.r.r.r.r. or "Darrrr") library is meant to be used as the fully-complete plumbing in your Rack application when implementing the Delegated Account Recovery specification. This library is currently used for the implementation at GitHub.
Along with a fully featured library, a proof of concept application is provided in this repo.
config/initializers or any location that is run during application setup, add a file. NOTE: procs are valid values for countersign_pubkeys_secp256r1 and tokensign_pubkeys_secp256r1
Darrrr.authority = "http://localhost:9292" Darrrr.privacy_policy = "#{Darrrr.authority}/articles/github-privacy-statement/" Darrrr.icon_152px = "#{Darrrr.authority}/icon.png" # See script/setup for instructions on how to generate keys Darrrr::AccountProvider.configure do |config| config.signing_private_key = ENV["ACCOUNT_PROVIDER_PRIVATE_KEY"] config.symmetric_key = ENV["TOKEN_DATA_AES_KEY"] config.tokensign_pubkeys_secp256r1 = [ENV["ACCOUNT_PROVIDER_PUBLIC_KEY"]] || lambda { |provider, context| "you wouldn't do this in real life but procs are supported for this value" } config.save_token_return = "#{Darrrr.authority}/account-provider/save-token-return" config.recover_account_return = "#{Darrrr.authority}/account-provider/recover-account-return" end Darrrr::RecoveryProvider.configure do |config| config.signing_private_key = ENV["RECOVERY_PROVIDER_PRIVATE_KEY"] config.countersign_pubkeys_secp256r1 = [ENV["RECOVERY_PROVIDER_PUBLIC_KEY"]] || lambda { |provider, context| "you wouldn't do this in real life but procs are supported for this value" } config.token_max_size = 8192 config.save_token = "#{Darrrr.authority}/recovery-provider/save-token" config.recover_account = "#{Darrrr.authority}/recovery-provider/recover-account" endThe delegated recovery spec depends on publicly available endpoints serving standard configs. These responses can be cached but are not by default. To configure your cache store, provide the reference:
Darrrr.cache = Dalli::Client.new('localhost:11211', options)The spec disallows
http URIs for basic security, but sometimes we don't have this setup locally.
Darrrr.allow_unsafe_urls = true
# Only configure this if you are acting as a recovery provider Darrrr.register_account_provider("https://github.com") # Only configure this if you are acting as an account provider Darrrr.register_recovery_provider("https://www.facebook.com")
Module.sign, Module.verify, Module.decrypt, and Module.encrypt. You can use the template below. I recommend leaving the #verify method as is unless you have a compelling reason to override it.
Darrrr.this_account_provider.custom_encryptor = MyCustomEncryptor
Set Darrrr.this_recovery_provider.custom_encryptor = MyCustomEncryptor
Darrrr.with_encryptor(MyCustomEncryptor) do # perform DAR actions using MyCustomEncryptor as the crypto provider recovery_token, sealed_token = Darrrr.this_account_provider.generate_recovery_token(data: "foo", audience: recovery_provider, context: { user: current_user }) end
module MyCustomEncryptor class << self # Encrypts the data in an opaque way # # data: the secret to be encrypted # # returns a byte array representation of the data def encrypt(data) end # Decrypts the data # # ciphertext: the byte array to be decrypted # # returns a string def decrypt(ciphertext) end # payload: binary serialized recovery token (to_binary_s). # # key: the private EC key used to sign the token # # returns signature in ASN.1 DER r + s sequence def sign(payload, key) end # payload: token in binary form # signature: signature of the binary token # key: the EC public key used to verify the signature # # returns true if signature validates the payload def verify(payload, signature, key) # typically, the default verify function should be used to ensure compatibility Darrrr::DefaultEncryptor.verify(payload, signature, key) end end end
/.well-known/delegated-account-recovery/configuration)
Specifically, the gem exposes the following APIs for manipulating tokens.
●Account Provider
●Generating a token
●Signing (#seal) a token
●Verifying (#unseal) a countersigned token
●Recovery Provider
●Verifying (#unseal) a token
●Countersigning a token
./script/bootstrap then run ./script/server
●Visit http://localhost:9292/account-provider
●(Optionally) Record the random number for verification
●Click "connect to http://localhost:9292"
●You'll see some debug information on the page.
●Click "setup recovery".
●If recovery setup was successful, click "Recovery Setup Successful"
●Click the "recover now?" link
●You'll see an intermediate page, where more debug information is presented. Click "recover token"
●You should be sent back to your host
●And see something like Recovered data: <the secret from step 1>
./script/test to run all tests.
heroku config:set to set the environment variables listed in script/setup. Additionally, run:
heroku config:set HOST_URL=$(heroku info -s | grep web_url | cut -d= -f2)
git push heroku <branch-name>:master
heroku run rake db:migrate
heroku restart
heroku open
token-status endpoints as defined by the spec
●Add async API as defined by the spec
●Implement token binding as part of the async API
./script entries?
script/setup for the environment variables that need to be set.
darrrr is licensed under the MIT license.
The MIT license grant is not for GitHub's trademarks, which include the logo designs. GitHub reserves all trademark and copyright rights in and to all GitHub trademarks. GitHub's logos include, for instance, the stylized designs that include "logo" in the file title in the following folder: logos.
GitHub® and its stylized versions and the Invertocat mark are GitHub's Trademarks or registered Trademarks. When using GitHub's logos, be sure to follow the GitHub logo guidelines.