The Daily Parker

So far this month, I've worked about 110 hours (no exaggeration), in part preparing for a pair of software demos on Monday. Normal blogging will likely return tomorrow or Monday.

Meanwhile, here's a picture of Parker:

That's from six years ago this week. Everyone together, now: "Awwwwwwww."

My latest entry is up on the 10th Magnitude tech blog:

We've taken a little more time than we'd hoped to figure out how to deal with Azure deployment credentials and profiles properly. In an effort to save other development teams some of our pain, we present our solution. First, the general principle: Publication profiles are unique to each developer, so each developer should have her own management certificate, uploaded by hand to each relevant subscription.

When you deploy a project to a Windows Azure Cloud Service instance, you have to authenticate against the Azure subscription using a management certificate. The Publish Windows Azure Application wizard in Visual Studio presents you with a helpful link to sign in to your Azure subscription and download credentials. If you do this every time you publish to a new subscription, you (a) rapidly run up against the 10-certificate limit in Azure; and (b) get ridiculous credential files called things like "WorkSubscription1-AzDem12345-JoesSubscription-MySecretProjectThatMyBossDoesntKnowAboutSubscription.publishsettings" which, if you're not paying attention, soon shows up on a Subversion commit report (and gives your boss access to that personal project you forgot to mention to her).

Don't do that. Instead, do this:

1. Create a self-signed certificate using IIS. Name it something clear and unique; I used "david.10thmagnitude.com," for instance.

Then export it to a private folder.

2. Import the .pfx file into your local certificate store.

3. Export the same certificate as a .cer file.

4. Go to the Azure management portal's management certificate list.

5. Upload the certificate you just created to the subscriptions to which you want to publish cloud services.
 

Now you have a single certificate for all your subscriptions. Next, create a publishing profile with the certificate:

6. In your Azure cloud service project, right-click the project node and choose "Publish…" to bring up the Publish Windows Azure Application wizard.

7. Drop down the "Choose your subscription" list and click "<Manage...>"

8. Click "new"

9. In the "Create or select..." drop down, find the certificate you just created and choose it.

10. Continue setting up your publishing profile as you've done before.

That's it. Except for one other thing.

If you have more than 0 developers working on a project, at some point you'll use source control. Regardless whether you have Subversion, Mercurial, or whatever, you need to avoid committing keys, certificates, and publishing profiles into your VCS. Make sure that your VCS ignores the following extensions: *.pfx, *.cer, *.publishsettings, and *.azurePubxml.

You want to ignore pfx and publishsettings files because they contain secrets. (I hope everyone knows this already. Yes, pfx files use passwords, but publishsettings don't; and anyway, why would you want to risk anyone else authenticating as you without your knowledge?) Ignore cer files because they're not necessary in an Azure project. And ignore azurePubxml files because every developer who publishes to Azure will wind up overwriting the files, or creating new ones that no one else uses.

My nephew, Conner:

I am officially an uncle.

Good morning, Conner. Welcome to the world. Don't let your last 13 hours turn you off to it. It gets better.

Nick, Jeanine: congratulations, you crazy kids. Let me know when you're ready to have me corrupt him.

Yes, more links:

• Qatar Airways has joined the oneworld alliance. The Economist's Gulliver blog has the story; Cranky Flier had analysis yesterday.
• Fun and games for the election with an endorsement of Mitt Romney that is either subtle satire or true hathos, and bad lip reading of the debate.
• Russia goes back and forth about daylight saving time, to the confusion of all.

Later today I'll also have a new post on the 10th Magnitude blog.

I have just inflicted this on my friends; you're next:

After the "incident" with Esmerelda, the Cathedral of Our Lady in Paris—Notre Dame—needed a new bell-ringer. A man showed up for the job. The bishop in charge of hiring noticed he had no arms. "Pas de problème," said the man. "I hit the bells with my head, like this." He then proceeded to play a magnificent carillon using only his face. As he reached a crescendo, the glorious music reaching out across Paris, he slipped, fell from the bell tower, and died instantly.

The monsignor ran over to the bishop and demanded, "What happened? Who is this man?"

"I don't know," said the bishop, "but his face rings a bell."

The next day, another man showed up to apply for the job. He introduced himself to the bishop, saying, "It was my brother who fell from the tower yesterday. We are all very sad, but our family is one of bell-ringers. I must take his place."

The bishop nodded, but then noticed the new man had no legs. "Pas de problème," said the brother. "Ecoutez." He climbed up to the bell tower using only his massively-powerful arms, then began another carillon, even more glorious than his brother's had been. He swung from rope to rope, in perfect time, sometimes pulling on two or three ropes at once, building to a finale that had the bishop in tears of joy.

As he rang the final bells, he returned to the ground floor, and presented him to the bishop. But before he could speak, he had a massive heart attack, and died instantly.

"Not again!" cried the monsignor. "And who was this man?"

"I don't know," said the bishop, "but he's a dead ringer for his brother."

I haven't any time to write today, but I did want to call attention to these:

• Parker is fine, though it appears likely he pulled a hind leg muscle on Sunday. He spent much of Sunday crying and really, really hating the stairs; today he was able to stand up and grab a treat from my hand. Tomorrow he'll get a 3 km walk in the morning.
• Alex Brown, my boss, has a new blog entry up.
• The Smithsonian wrote about a CIA burglar who went rogue.
• Reuters' Felix Simon argues against high-frequency trading.
• Andrew Sullivan is freaking out about the President's debate performance. Twice.
• Both Chicago newspapers have endorsed Tammy Duckworth in the 8th district U.S. House race against right-wing nutter Joe Walsh.

Back to the mines...

Aaron Sorkin, writing for Maureen Dowd's column today, imagines the conversation:

BARTLET And that was quite a display of hard-nosed, fiscal conservatism when he slashed one one-hundredth of 1 percent from the federal budget by canceling “Sesame Street” and “Downton Abbey.” I think we’re halfway home. Mr. President, your prep for the next debate need not consist of anything more than learning to pronounce three words: “Governor, you’re lying.” Let’s replay some of Wednesday night’s more jaw-dropping visits to the Land Where Facts Go to Die. “I don’t have a $5 trillion tax cut. I don’t have a tax cut of a scale you’re talking about.”

OBAMA The Tax Policy Center analysis of your proposal for a 20 percent across-the-board tax cut in all federal income tax rates, eliminating the Alternative Minimum Tax, the estate tax and other reductions, says it would be a $5 trillion tax cut.

BARTLET In other words ...

OBAMA You’re lying, Governor.

Yeah, we really could have used Josiah Bartlet up there Wednesday. But there are three more debates...

Two aviation articles this morning. The first, via the Economist's Gulliver blog, examines how checked baggage tags have cut lost luggage down to nearly zero:

In July alone, 53 million passengers boarded domestic flights. Only about one-third of 1 percent reported a mishandled bag. Given the phenomenal scale of American aviation (measured in seats and miles, the U.S. market is three times larger than any other) and our reliance on luggage-juggling hub airports, that’s an excellent result. Even caged birds are treated pretty well by modern air travel (though remarkably, they do get airsick): In July, U.S. airlines lost just one pet.

This success is largely due to the humdrum baggage tag. That random sticky strip you rip off your suitcase when you get home? It’s actually a masterpiece of design and engineering. Absent its many innovations, you’d still be able to jet from Anchorage to Abu Dhabi. But your suitcase would be much less likely to meet you there. (Disclosure: I am a pilot for an airline that’s not mentioned in this article.)

I also had the latest from the Cranky Flier in my RSS feed this morning, about how American Airlines' management is getting PR horribly wrong:

While people might not want to fly American for its lack of reliability, it’s much more of a crisis if people don’t think the airline is safe to fly regardless of whether flights are on time or not. While I personally don’t have huge concerns about flying the airline, I’m not the general public. If I worked at American in PR, this would have me at DEFCON 1, yet the airline has treated this as if it’s just a minor issue.

The most visible of the safety issues has been the seats coming loose on 757s. This is a major issue in that it could easily be believed by the general public to be sabotage or the sign of an airline failing to do proper maintenance. Neither is remotely acceptable. It sounds like American has found a possible reason for the issue and in yet another stupid move is blaming passengers. While this issue has now apparently been fixed, real damage has been done. And now the media is piling on, making things worse.

He goes on to say that the pilots and mechanics have had a little more intelligence behind their PR efforts. I hope, I really hope, that American's executives don't kill the airline before USAirways has a chance to close the merger.

I just discovered something that should have been obvious: Chicago Public Radio dropped Car Talk too early.

Starting yesterday, WBEZ moved its Saturday schedule around, dropping Car Talk from the 9am slot, bringing Wait Wait! Don't tell me and This American Life forward, and putting new show Snap Judgment in TAL's noon slot. Last week I listened to what I believed at the time to be the last Car Talk episode ever, and found it...oddly routine.

Well, duh. Tom and Ray will continue recording until later this month.

WBEZ: Why, oh why, did you switch the schedule four weeks early? At least there are podcasts.

But wait: it's possible they're not actually going to have a finale. Speculation on the boards is that they're already recycling segments. Say it isn't so, Tom and Ray!