Thoughts on TOFU

solderpunk solderpunk at SDF.ORG
Fri Jun 19 21:03:37 BST 2020


On Fri, Jun 19, 2020 at 06:51:35PM +0000, colecmac at protonmail.com wrote:
 
> Whether this is specced (as an optional client behaviour) or not, I think
> the spirit of "mostly secure" suggests that at the very least, simple clients
> should look at cert hash and expiry, and not just the cert public key as Felix
> suggested in this thread originally. I think it'd be nice to see this suggestion
> in the Best Practices file, if you agree.

I want to set up an entirely separate document on TOFU practices!  I
don't want to rush into it, though.  I am planning to read this paper
over the weekend:

https://rp.delaat.net/2012-2013/p56/report.pdf

Feel free to join in!

Cheers,
Solderpunk


