Standard fingerprint format for TLS certificates

Ben Bader ben at bendb.com
Sat Nov 28 21:28:53 GMT 2020

Previous message (by thread): Standard fingerprint format for TLS certificates
Next message (by thread): Standard fingerprint format for TLS certificates
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Gemini software is currently fragmented with regards to certificate
fingerprints. It would be nice if there was an agreed upon way to
calculate fingerprints so that users can easily compare fingerprints
across different software.

What’s the use case for comparing fingerprints themselves?  I may be
missing something important, but I don't understand the need.

In my opinion, certificates themselves are the lingua franca and
fingerprints are merely a client implementation detail.  Unless we are
considering standardizing a known-hosts file format, I would prefer leaving
fingerprint formats to the discretion of client implementations.

There’s nothing stopping anyone today from using OpenSSL to compute
fingerprints using any algorithm one could wish, if comparisons are desired.

Cheers,
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20201128/b11221b3/attachment.htm>

Previous message (by thread): Standard fingerprint format for TLS certificates
Next message (by thread): Standard fingerprint format for TLS certificates
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list