Client certificate musings
solderpunk
solderpunk at SDF.ORG
Thu May 28 18:59:05 BST 2020
As some of you may have read at
gemini://gemini.circumlunar.space/users/solderpunk/cornedbeef/the-mercury-protocol.gmi,
I have been having a small semi-crisis-of-confidence regarding the
apparently unavoidable complexity of speccing a robust and flexible
mechanism for in-band authentication with client certificates. Thanks,
by the way, to everybody who emailed me or made posts of their own in
response to that post.
I'm still committed to mandatory TLS in Gemini, as I have been since day
one. And I still think client certificates are an under-appreciated and
powerful tool for authentication. But I've also convinced myself that
the transient certificate idea got specced mostly just because I was so
pleased by the realisation that it was *possible* to use client certs
that way, not because there was a clear motivation. So far nobody has
used them for anything and it hasn't exactly ruined the experience.
People have been building interesting interactive things without client
certs so far. The most obvious and compelling use case for client
certificates for me is for people to be able to put up private content
for their own use (a private bookmarking or to-do app, for example), and
that doesn't require anything complicated in Gemini at all; it can be
done ssh style by whitelisting the fingerprint of a self-signed cert, or
traditional TLS style by setting up your own CA.
None of which is to say the other stuff needs to go, but I think it
probably ought to be a lower priority than other considerations which
affect searchability and accessibility of publicly available material,
which is clearly more important - yes, less fun and interesting from a
technogeek perspective, but more actually important.
I'm going to keep thinking about this stuff, and I encourage people to
share their thoughts and ideas and to experiment with what's specced in
AV-98. But, whereas I previously thought this would be the part of the
spec which saw the bulk of activity once the spec freeze wore off, I
think maybe for now this should actually stay in the "experimental
features for power users, subject to change" category while we focus on
other stuff.
Cheers,
Solderpunk
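An added example of the "ssh style" option mentioned above (my own illustration, not solderpunk's code, AV-98's, or any Gemini server's): a server-side allowlist of SHA-256 fingerprints of self-signed client certificates. The `authorized_certs` text format and the certificate bytes are constructed for the example; real DER would come from the TLS socket.

```python
import hashlib
import hmac
import ssl
from typing import Dict, Optional

def cert_fingerprint(der: bytes) -> str:
    """Lowercase hex SHA-256 over the raw DER encoding of the certificate
    (the same digest `openssl x509 -noout -fingerprint -sha256` prints)."""
    return hashlib.sha256(der).hexdigest()

def load_allowlist(text: str) -> Dict[str, str]:
    """Parse an authorized_keys-like file (format invented for this example):
    one entry per line, 'sha256:<hex> <owner>'; comments and blanks ignored.
    Malformed lines are dropped rather than silently authorising anyone."""
    allow: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 2 or not fields[0].lower().startswith("sha256:"):
            continue
        allow[fields[0][len("sha256:"):].lower()] = fields[1]
    return allow

def identify_client(der: Optional[bytes], allow: Dict[str, str]) -> Optional[str]:
    """Return the owner name for an allowlisted certificate, else None.
    None also covers 'no certificate presented', which a server would
    answer with its certificate-required status rather than a 404."""
    if not der:
        return None
    fp = cert_fingerprint(der)
    for known, owner in allow.items():
        # constant-time compare so timing does not leak which entry matched
        if hmac.compare_digest(fp, known):
            return owner
    return None

def identify_socket(sock: ssl.SSLSocket, allow: Dict[str, str]) -> Optional[str]:
    """Server-side glue: getpeercert(binary_form=True) yields the DER bytes.
    Configuring the SSLContext so it retains a self-signed client cert is a
    separate step not shown here."""
    return identify_client(sock.getpeercert(binary_form=True), allow)

# Constructed stand-ins for two clients' DER certificates (the check only
# hashes bytes, so any bytes exercise the logic).
ALICE_DER = b"constructed-der-bytes-for-alice"
MALLORY_DER = b"constructed-der-bytes-for-mallory"
AUTHORIZED_CERTS = (
    "# fingerprints of self-signed certs allowed to see private content\n"
    f"sha256:{cert_fingerprint(ALICE_DER)} alice\n"
    "md5:deadbeef bob   # wrong algorithm, ignored\n"
    "\n"
)
```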
More information about the Gemini mailing list