## stacks – Prerequisites for understanding the algebraic geometry of "algebraic sheaves"

I'm trying to learn about the algebraic geometry of Gerbes.

I am familiar with the configuration of the sheaves in the case of differential geometry. Although there is some similarity between the differentiable sheaves and sheaves mentioned above, they are not quite the same.

So, what are the prerequisites for learning sheaves in the configuration of differential geometry? I am familiar with the concept of batteries. What other Grothendieck topologies and overlays on categories with these Grothendieck topologies should I be comfortable with to understand and use the sheaf concept mentioned above.

## Understanding the Implicit Function Theorem – Mathematics Stack Exchange

Let's say we have $$F (x, y) = x ^ 2 + y ^ 2 – 1$$ and we want to apply the implicit function theorem. Then, after some calculations, we see that for $$y neq 0$$ we can indeed apply the theorem which means that there are two open sets $$U: =) – 1, 1 ($$ of $$x$$, and $$V: =) 0, 2 ($$ of $$y$$and a function $$g: U to V$$ such as $$F (x, g (x)) = 0$$ $$forall$$ $$x in U$$. In this particular case, we can explicitly write $$g$$ by $$g (x) = sqrt {1-x ^ 2}$$ or $$g (x) = y$$ and $$y> 0$$.

What I do not understand is that even though $$y = 0$$, $$x = 1$$ and $$x = -1$$ are allowed $$g$$, always satisfied $$F (x, g (x)) = 0$$ $$forall$$ $$x in U$$. So, is it true that if the conditions of the implicit function theorem are not satisfied, it does not imply that there is no such function?

Maybe I did not understand the theorem well … any comment or help is welcome

## Ag.algebraic geometry – Local understanding of the universal sheaf

Suppose I have a flat and projective morphism $$pi: X to S$$ between projective varieties smooth on $$mathbb {C}$$. Through Simpson's work, there is a space of modules $$M = M (X / S, v)$$ of coherent sheaves without torsion (semistables) resting on the fibers of $$pi$$ with fixed discrete data $$v$$. So, the sheaves are in torsion $$X$$, supposing $$S$$ is not a point, but without twisting on the fibers.

I want to assume that this module space is actually wellSo there is a universal sheaf $$mathcal {F}$$ sure $$X times_ {S} M$$ which is without torsion. One of the key properties is that for all $$in M ​​$$, $$F_ {m} = mathcal {F} | _ {X times_ {S} {m }}$$ the sheaf represents the point $$in M ​​$$. Basically, I try to understand $$mathcal {F}$$ locally:

(1) For my first question, let's suppose $$P = (x, m) in X times_ {S} M$$ is such that $$m$$ represents a locally free sheaf on the fibers of $$pi$$. Is the stem $$mathcal {F} _ {P}$$ be free $$mathcal {O} _ {X times_ {S} M, P}$$-module? In simple terms, should the stems of the universal sheaf be free modules covering the local rings at points representing free sheaves locally?

(2) I think my second question is closely related. By universal property, I believe it's true that for $$P = (x, m)$$ we have isomorphism $$mathcal {F} _ {P} cong (F_ {m}) _ {x}$$. But I am confused as to how this isomorphism is given. For example, suppose the local ring of $$X times_ {S} M$$ at $$P$$ is

$$A = mathbb {C} ((x, y, w, z)) / (xy-wz)$$

or $$(x, y)$$ are coordinated on $$X$$ and $$(w, z)$$ are coordinated on $$M$$. So $$mathcal {F} _ {P}$$ should be a $$A$$-module, while $$(F_ {m}) _ {x}$$ should be a $$mathbb {C} ((x, y)) / (xy)$$-module. So how does one give isomorphism?
What's happening at $$w, z$$ variables when this identification is made?

## linear transformations – Understanding the linearity of derivatives

I am a little confused as to the assertion that the derivative of a function $$f$$ (whether it is a partial derivative, the total derivative or simply a derivative in $$mathbb {R}$$) is a linear transformation.

1.) By definition, the derivative is always defined at a given moment, for example $$a$$, so let $$Df (a)$$ to be the derivative at this point $$a$$. But if you consider the derivative according to any point $$x$$ from the domain of $$Df$$ then $$Df (x)$$ is not necessarily linear.

2.) If you consider a derivative at a given time $$a$$, $$Df (a)$$ and then you plug in another variable or vector $$v$$ then $$Df (a) (v)$$ is a linear transformation with respect to $$v$$.

Are these thoughts about derivatives correct?

## PCI DSS – Difficulty understanding SAQ A

I plan to use a payment gateway for an ecommerce store to reduce the number of requirements to be PCI DSS compliant.

As stated in SAQ A, the merchant must confirm that:
All cardholder data that your company keeps is paper-based (for example, printed reports or receipts) and these documents are not received electronically.

The PCI DSS Terms Glossary defines cardholder data as follows: "At a minimum, cardholder data consists of the entire PAN, service code."

For accounting purposes, I need a receipt for every purchase made in the online store. This receipt must contain the name of the cardholder.

As far as I know, the receipt for every purchase made in the store is available from the payment gateway. And I doubt that the payment gateway sends reports by post in the 21st century.

How is it possible to simultaneously comply with PCI DSS SAQ A standards and accounting laws?

## blockchain – Understanding the parameters of the API iquidus

I'm trying to understand the values ​​that are asked of me in the settings.json file to install the IQs explorer. I know how to get the genesis block because I hard-coded it when I created a fork to create a new altcoin. However, I do not know how to get the genesis_tx. I know you can convert it from the genesis block but I do not know how?

"Genesis": {
"genesis_tx": "",
"genesis_block": ""}

In terms of API parameters, they ask for an address, blockindex, blockhash and txhash. The blockindex can be any value in the height of your block … so, do I select any index value with the corresponding address in the list of transactions? Also, how can I get txhash and blockhash? In my opinion, these values ​​are subject to change and I know that they are stored in the blockchain … Does any one know how to retrieve this information?

"api": {
"blockindex": "",
"blockhash": "",
"txhash": "",
}

## csrf – Understanding JWT and SSO

I can not understand how to configure single sign-on between my application and another application we've deployed. I was trying again to set up this stuff, so I hoped that someone could explain if I'm on the right track, both from the point of view of the operation and the security.

We have our app (let's say it's https://app.mydomain.com).

• Our users connect to it with their user / pass.
• This application uses angular and webapi.
• The connection endpoint uses Microsoft.AspNet.Identity.Owin.SignInManager.

All this has been put in place by our previous developer, so my knowledge of how it works is not as good as I would like.

We now want to allow our users to use Jupyter Notebook. Let's say we have this configuration at https://jupyter.mydomain.com. And, as they are already connected to our app, we do not want them to be forced to reconnect to Jupyter.

One of our AWS guys set up Jupyter with the help of jwtauthenticator. His initial request was that I code our app to do the following:

1. Generate a JWT token in our application.
2. Add a link in the app that would open jupyter.mydomain.com in a new tab.
3. Pass a `Authorization: bearer ` header when this link is clicked.

He tested sending this header in PostMan successfully. However, on the apps side, I do not believe it's possible to tell the browser to send headers when opening in a new tab, so this solution does not work.

The following suggestion from our AWS manager has decided to configure it with the help of query parameters. Basically, something like:

`https://jupyter.mydomain.com?jwt=`

It also worked for him in PostMan and I'm pretty sure it would work in the application. But is not that a security risk, even with HTTPS? I think at least that the token is registered in the server logs, which, in my opinion, is not a good idea.

The idea of ​​query parameter m was reminiscent of using POST because I think the token would be encrypted at that time. But, even if I am correct, it seems that jwtauthenticator will not handle POST requests. I guess it could be changed to handle them, but I'm not sure that's the right solution.

After reviewing the jwtauthenticator code, it looks like he will also look for a cookie named XSRF-TOKEN. That's what I thought is the appropriate solution, but I'm not sure. Moreover, I can not make it work.

Here's what I do:

1. The user clicks the link that reaches an endpoint (for example, api / auth / jupyter)
2. The endpoint generates a JWT token
• The name is XSRF-TOKEN.
• The value is the JWT token string.
• Secure is true
• HttpOnly is wrong
• The domain is mydomain.com
• The path is /
4. The OK response with the cookie is returned to the client (DevTools for app.mydomain.com indicates that the cookie is set).
5. Call window.open ("https://jupyter.mydomain.com") (DevTools for jupyter.mydomain.com also indicates that the cookie is set).

Unfortunately, I get a 401 error. I've also tried setting this cookie in PostMan and testing it, which also corresponds to a 401. Judging by the jwtauthenticator code, I think the only thing that could occur is that the cookie is not read.

So, I guess I have a few questions:

1. Is there a security reason that would prevent the cookie from being read? I've assumed that since they are on the same domain, the problem would not arise.

2. Assuming I can have the problem with reading the cookie, is it secure? I'm afraid that there is still a problem of CSRF.

3. In general, is this an appropriate way to provide SSO? Or are we going in the wrong way? I know that security is not always easy, but our guy AWS and I spent a lot of time trying to find a solution. It seems easy. All we have to do is send the token to the Jupyter server. But it turns out to be very difficult, which makes me think that we are doing the wrong thing.

## android – Understanding LiveData and DataBinding

I am new to Android and MVVM development and are trying to understand Databinding and LiveData. So, with one-way-DataBinding, you can get data from the view model to the view. With Two-way-DataBinding, you can get data from the view model to the view and from the view to the view model. LiveData also updates the view when data changes in the view template. Why should I use LiveData, whereas DataBinding already does this in unidirectional and bidirectional data links? What are the benefits of using data link with LiveData? Thanks for all the answers

## Understanding Email Delay – Webmasters Stack Exchange

We receive about 50+ emails from a bank we work with. Sometimes their emails are delayed one day. We try to understand the problem and we try to solve it. We put the domain on our white list. However, this did not solve the problem. The header is below:

``````Return-Path:
Delivered-To: finans@kisan.com.tr
by eu01.server.plus with LMTP
id +GgqGsZrO125hjMA7YZH9Q
(envelope-from )
for ; Fri, 26 Jul 2019 23:08:22 +0200
Return-path:
Envelope-to: finans@kisan.com.tr
Delivery-date: Fri, 26 Jul 2019 23:08:22 +0200
by eu01.server.plus with esmtps (TLSv1.2:ECDHE-RSA-AES256-SHA384:256)
(Exim 4.92)
(envelope-from )
id 1hr7Ro-00Ejfk-A7
for finans@kisan.com.tr; Fri, 26 Jul 2019 23:08:22 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
s=akbank; d=akbank.com;
h=mime-version:from:to:date:subject:content-type:message-id;
bh=SRGCYnnX9jEvWobQ/4qyFcljd9G9zWjrFHnuQhaxE5I=;
b=j7FtRZkruwp8XQUgj+3C2+VvvSbDPORWakrAwdjhbrVtp7UPaw2QDTEWWTk+wT
WFYfg8nWCoBkd629NdOVajluwZl0NfA81hXhysecR5/M8qhD95aB9DAV9TdGDK
KwYyDMY7XHsJdGemO/LN3dN8+cDAM7KaZSkhVcYDFAOFkEg=
X-EMID: ELC-I-111-0-23615124-20190726175320-N
X-VirtualMta: urgent
X-ExpireDate: 2019/07/27
MIME-Version: 1.0
From: =?utf-8?Q?Akbank_=C5=9Eube_Bankac=C4=B1l=C4=B1=C4=9F=C4?=
=?utf-8?Q?=B1?=
To:
Date: Fri, 26 Jul 2019 17:53:20 +0300
Subject: Akbank E-Posta
Content-Type: multipart/mixed;
boundary="--boundary_13557_4d8914dd-fe01-4b7a-a7e6-972d03da3def"
Message-ID: <09a2d864143841a19be4a15d8f580efa@excmgts02.mgtsdmn.akb>
X-Spam-Status: No, score=-104.0
X-Spam-Score: -1039
X-Spam-Bar: ---------------------------------------------------
X-Ham-Report: Spam detection software, running on the system "eu01.server.plus",

has NOT identified this incoming email as spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
root@localhost for details.

Content preview:  DeÃ°erli MÃ¼Ã¾terimiz, HesabÃ½nÃ½zÃ½n hareketlerini iÃ§eren
ekstre bilgisi ekte yer almaktadÃ½r. Bilginize sunarÃ½z.
Content analysis details:   (-104.0 points, 7.0 required)
pts rule name              description
---- ---------------------- --------------------------------------------------
-100 USER_IN_WHITELIST      From: address is in the user's white-list
-0.0 SPF_PASS               SPF: sender matches SPF record
1.1 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
-2.0 RCVD_IN_RP_SAFE        RBL: Sender in ReturnPath Safe - Contact
safe-sa@returnpath.net
(Return Path SenderScore Safe List (formerly)
(Habeas Safelist) - )
0.0 HTML_MESSAGE           BODY: HTML included in message
0.0 T_OBFU_PDF_ATTACH      BODY: PDF attachment with generic MIME type
0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
-0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
author's domain
-0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
-3.0 RCVD_IN_RP_CERTIFIED   RBL: Sender in ReturnPath Certified -
Contact cert-sa@returnpath.net
(Return Path SenderScore Certified {formerly)
(Bonded Sender} - )
-0.0 DKIMWL_WL_HIGH         DKIMwl.org - Whitelisted High sender
X-Spam-Flag: NO
X-EsetId: 37303A299E82206F677464
``````

Although this message seems to have been sent on Friday, July 26th, it was received by our prospects on Saturday, July 27th.

We use a third-party web hosting service with managed VPS. Although we have partial access to cpanel and WHM, the configurations we can perform are limited.

Any help would be appreciated!

## Understanding of Oracle multi-tenant PDBs

I am a new user of Oracle. The document says

The root CDB, also called simply the root, is a collection of schemas, schema objects, and non-schema objects to which all PDBs belong.

and

A PDB is a portable collection of schemas, schema objects, and non-schema objects that appears to an Oracle Net client as a non-CDB.

So, CDB and PDB are a collection of schemas, schema objects, and non-schema objects. How could PDBs belong to CBDs? What does it mean by something like schema object a belongs to the schema object b?