Monday, December 19, 2011

Regenerating self-signed Dovecot and Exim SSL certificates in Debian

I run my own mail server, including STMP (exim4) and IMAP (dovecot). Connections to both of these are encrypted with SSL; however, I’m too lazy and cheap to buy a real certificate. Instead, I self-sign and pay attention to the fingerprint when approving the connection on the client end.

The problem is that these certificates expire. And, they don’t do it very often, so I forget how to generate new ones, and for some reason my google-fu is severely lacking in this area. So, here’s notes on how to regenerate Exim and Dovecot self-signed certificates on Debian, for future me and perhaps you too.

(The above notwithstanding, lately http://wiki.debian.org/SSLkeys has emerged as a good resource for these and many other programs. That’s where much of the below came from.)

Anyway, first off, it’s not always obvious which certificate has expired. You can find out with:
$ openssl x509 -in /etc/exim4/exim.crt -text -noout | less
$ openssl x509 -in /etc/ssl/certs/dovecot.pem -text -noout | less
To regenerate for exim:
$ cd /usr/share/doc/exim4-base/examples ./exim-gencert --force
$ /etc/init.d/exim4 restart
$ openssl x509 -in /etc/exim4/exim.crt -fingerprint -sha1 -noout
That last line will print the SHA1 fingerprint of the new certificate, which you can (and should) verify when connecting with your e-mail client, to make sure there’s no man-in-the-middle happening. (With a “real” certificate, the CA chain and your domain name verifies this, IIRC.)

On to dovecot:
$ rm /etc/ssl/certs/dovecot.pem
$ rm /etc/ssl/private/dovecot.pem
$ dpkg-reconfigure dovecot-common
$ openssl x509 -in /etc/ssl/certs/dovecot.pem -fingerprint -sha1 -noout

Saturday, December 17, 2011

Golf course hike

Went on a brief walk this afternoon with Erin and Melissa, along the Walnut Rim Trail near the golf course. This is the trail which is at risk due to golf course expansion plans.


The above is pretty sad: this is all that’s left of the Golf Course Pool, where I spent a large fraction of my childhood.


Snowy Jemez Mountains. Supposedly we have more snow in the works for early next week.


All of these trees would be cut down under some of the golf course expansion options.

Sunday, December 11, 2011

Should we cut down mature ponderosa forest to accommodate a golf course expansion?

Some of the latest drama here in Los Alamos is a proposed golf course improvement/expansion project which involves cutting down a significant amount of forest in North Community (both north and south of Diamond Drive, depending on the option). As you might guess, I don’t think this is a good idea. I’m in favor of golf course improvement (they really need it), but not at the expense of our internal community forests, especially after two major fires.

On December 8, there was a big public meeting at Fuller Lodge; about 150 people showed up. There was a lot of passion, but a very respectful and community-minded tone for the most part (with the exception of a group of golfers sitting behind us). The Monitor had a moderately good writeup and a few letters to the editor (1 2 3) (all behind a paywall, unfortunately). The county also has a fair amount of background information, with the usual level of bureaucratic disorganization. There are other blog posts appearing (1 2 3), and the Los Alamos Trails Facebook group is pretty stirred up.

If you want to weigh in, the county is listening. Please write to the Capital Projects and Improvements Department at cpfd@lacnm.us or to the Parks & Recreation Board at prb@lacnm.us. It’s unclear to me which is preferable, so I wrote to both.

Please also don’t hesitate to get in touch with me if you want to talk more about this or swap ideas and strategy.

My letter to the county is below.



Dear Mr. Walker, Mr. Aragon, and members of the Parks & Recreation Board and Capital Projects and Facilities Department:

Thank you for the opportunity to comment on the Golf Course Improvement Study. I attended (and spoke at) the public meeting on December 8 and found it extremely valuable, particularly in understanding the perspective of the golf course community. I was persuaded that the golf course indeed needs work, and that a quality golf course is in the best interests of both forest users and golfers. However, I still have significant concerns about the project, which I detail below.

For context, I grew up on Woodland Road and recently returned to town to pursue my career. I now live in Western Area. When I was little, I spend a great deal of time in the woods within and close to town, particularly between Woodland Road and the golf course. Much of this time was unsupervised, something uniquely possible in Los Alamos, with its well-bounded interior forests. As a returning adult, I am spending time in the county forests at least once a week; when it’s lighter in the evenings, I expect to spend more. I am expecting my first child in May and hope to be able to provide him or her with the same extraordinary and unique outdoor experiences I was lucky enough to have when I was young.

I have never played a round of golf and expect never to do so. This does not mean I am anti-golf; rather, I am simply indifferent to it. However, I do believe strongly in community and realize that a viable community has diverse interests. Thus, it is important to me as a community member to support the interests of local golfers, to the extent that they do not threaten my own, and in this specific case, it is important to me to reach some kind of agreement which satisfies both golfers and forest users. I am happy to put in significant work towards this goal (e.g., by serving on a working group).

My concerns about the project fall into three basic categories: the removal of trees, the expectation that an improved course can really be a regional draw, and the validity of the safety concerns expressed by the golf course.

Removal of trees

First, I believe the framing of the impacts is incorrect. The central issue is not trails, but rather their context: the forest. Neither matching nor increasing the trail mileage is sufficient; it is the impact on forest that should be considered. Trails are simply a means to access the forest.

Most importantly, I stand by my opinion that the goal of the project should be zero trees removed. This is not an extreme position. Our forest is particularly precious after two major wildfires in the past decade, once of which had severe effects within North Community itself. Should we not think long and hard before reducing what little we have left? The forest and its trees are a core asset for the people and wildlife that use them, and it is perfectly reasonable for us to ask that they be left alone.

I worry too about the erosive precedent we would set by removing trees: a few trees here, a few trees there, and pretty soon we’ll have nothing left. Many mountain communities have followed this unfortunate path. Let’s not become one of them.

Allow me to make an analogy. Suppose that instead of trees, the golf course were surrounded by boulders and cliffs – features prohibitively expensive to remove. Would the golf course simply throw up its hands and give up on improvements? Of course not. The course’s planners would get creative and produce a great solution within the constraints. My point is this: the cost of removing trees is in fact prohibitively expensive. It is just that the expense cannot be measured in dollars. And thus, I ask the community to work towards creative solutions which respect the magnitude of this expense.

Similarly, project planners must not hide this expense. When presenting options, planners must quote clearly (a) acres of forest to be removed and (b) number of mature ponderosas to be removed. If the golf course is going to ask forest users to give up part of the forest, it has a duty to be explicit about the impact.

I also note that the golf course invoked the notion of sustainability several times. I found this frustrating – does not sustainability include preserving our rapidly disappearing natural heritage? It is impossible to plant mature ponderosas; a “sustainable” new course does not make up for lost trees.

I believe strongly that the golf course has not made its case for removal of trees. The way to make this case is to show first that zero-tree options have been creatively and exhaustively explored, and then make a persuasive case that such options really are unworkable. Currently, it is clear that improvement within existing boundaries (currently Option C) was not explored anywhere near as thoroughly as the expansion options. The golf course must do so in order to credibly ask for tree removal.

Can an improved course really be a regional draw?

I sympathize with the golf course’s desire to become a regionally known course that draws golfers from beyond our community. However, I’m not yet convinced this is a realistic goal. In particular, I note that anyone coming up to Los Alamos to play golf must drive past courses in the valley which golfers in the meeting acknowledged as excellent. Thus, if the course were to become a regional draw, it would need to not only match neighboring courses in quality but exceed them sufficiently to justify another half hour of driving. As I mentioned, I’m not a golfer, but that seems like a tall order to me.

In particular, I am concerned that factors beyond course condition have a significant effect on the course’s ability to become a regional draw. I believe the golf course has a responsibility to quantify the degree to which course condition has hurt the course as well as the degree to which improving it would help. What data support the theory that improving the course will lead to increased interest (and accompanying player numbers)? How much of the cited play decline, and the expected play increase, are due to course condition as opposed to other factors, including construction and improvement of nearby courses, change in popularity of golf in general, and the economic downturn? How much does the additional driving beyond competing courses matter to players?

In other words, why should the golf course attempt to become a regional draw rather than an excellent community course? My point here is that the golf course must be improved under realistic assumptions and toward realistic goals. The golf course must make a credible case, backed by data, that becoming a regional draw is in fact plausible and likely under the proposed changes, before asking the community to endorse steps towards that goal.

Safety concerns expressed by the golf course

While I certainly agree that safety is an important consideration in most things, I do not believe the golf course has adequately made its case that meaningful safety problems exist and that the proposed improvements would mitigate them. At the meeting, evidence supporting the existence of a safety problem was limited to course standards and anecdotes (and especially in this town, the plural of anecdote is not data). No evidence at all was presented supporting the implicit claim that the course is meaningfully worse off than similar courses. (While the golf course showed that it did not meet current design standards, that is not the same thing.)

The golf course must present data showing (a) that a safety problem exists, and the specific nature of that problem, (b) that these problems are significantly worse than similar courses, and (c) that the proposed improvements sufficiently mitigate the problem. Additionally, the similar courses must be selected appropriately; new courses constructed to the most modern standards would not qualify. In these analyses, the golf course must be clear about who in particular is benefitting from improved safety, and to what degree. Golfers? Motorists on Diamond Drive? Hikers in the forest? In particular, simple signage could go along way towards improving hiker safety (if indeed there is a problem).

At this point, I worry that the golf course is simply “playing the safety card” in order to get what it wants. Being more specific and quantitative about the issue will allay this concern.

Moving forward

I do believe, based on the respectful and community-minded tone of the meeting as well as my own goals, that an agreement can be reached which would satisfy both sides. I also agree with Mr. Walker that a proposal that does not enjoy broad support would probably be unsuccessful (certainly, I would vigorously oppose a proposal which I believed did not adequately take into account the interests of forest users).

I also believe that keeping this constructive tone is important. While in general I do not see any problems emerging in this area, one that concerns me is vocabulary. The county is calling the plan an “improvement”, but several of the options include increasing the size of the golf course, which clearly meets the definition of “expansion”. (In particular, I was frustrated and worried when Mr. Stupka stood up at the end of the meeting and asserted repeatedly that the golf course was not seeking to expand. Denying the meaning of common words is an important ingredient in the collapse of good will and common purpose. I hope that the golf community will not continue down this path.) I suggest renaming the project to “Golf Course Improvement and/or Expansion Project”, in order to reflect the fact that some of the options involve expansion.

Along those lines, I’m interested in serving on a working group to hash out an agreement. It seems to me that having stakeholders sit down, get to know one another, and work out disagreements at length is a fruitful strategy that would lead to a solid agreement supported by both sides. (It is not clear to me that the current process really involves the two sides working together.) I’m sure it’s obvious that that I am firmly on the side of the forest, which I believe makes me an excellent candidate for a working group – if I’m satisfied, then there is a good chance that most forest people will be satisfied.

Again, thank you for the opportunity to comment, and I would love an opportunity to participate more deeply in this process. Please do not hesitate to contact me if you have any questions.

[my full name, address, phone number]

Sunday, December 4, 2011

A few Los Alamos hikes

Erin and I went on a few short hikes around town this weekend: a little bit of Hidden Canyon Trail off Trinity, East Fork Trail near the golf course, and Kwage Trail behind the stables on North Mesa.

Pajarito Mountain from pretty much someone’s back yard, near Hidden Canyon.


Not actually East Fork Trail – we got lost. The tracks lead to someone’s back gate.


Just below the stairs on East Fork Trail.
Also just below the stairs on East Fork Trail.


Kwage Trail on North Mesa. The mountain on the right is Caballo.


The end of Kwage Trail, overlooking the new old sewage treatment plant.
Barranca Mesa from the Kwage Trail.