Does TOFU actually work?
Nicolò Balzarotti
anothersms at gmail.com
Mon Nov 30 14:57:20 GMT 2020
Jason McBrayer <jmcbray at carcosa.net> writes:
> One option would be a 'certificate observatory', where various clients
> around the world submit the fingerprints they receive for various hosts.
> You can then compare the cert you receive with the consensus of the
> observatory. This doesn't protect you from MITM, but it makes you aware
> of it.
If there's a MITM, you cannot be sure the observatory is trusted just by
using TOFU.
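The following is an added example, not part of the original post or of any Gemini client. It models the observatory comparison from the quoted text and the objection in the reply: a reply from an observatory that is itself only trusted on first use can be rewritten on the same intercepted path. All names, keys and certificates are constructed, and the HMAC is an assumption standing in for a signature checked against a key obtained out of band.

```python
import hashlib
import hmac
from collections import Counter

def fingerprint(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()

def consensus(reports: dict, quorum: float = 0.5):
    """Fingerprint reported by more than `quorum` of the vantage points, else None."""
    if not reports:
        return None
    fp, count = Counter(reports.values()).most_common(1)[0]
    return fp if count / len(reports) > quorum else None

def tag_reports(key: bytes, host: str, reports: dict) -> str:
    # Stand-in for a signature over the observatory's reply (assumption).
    body = host + "|" + "|".join(f"{k}={v}" for k, v in sorted(reports.items()))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def check_host(host, seen_fp, reports, tag, observatory_key=None):
    # observatory_key=None models an observatory that is only trusted on
    # first use: the client has nothing to verify the reply against.
    if observatory_key is not None:
        expected = tag_reports(observatory_key, host, reports)
        if not hmac.compare_digest(expected, tag):
            return "observatory-unauthenticated"
    agreed = consensus(reports)
    if agreed is None:
        return "no-consensus"
    return "match" if agreed == seen_fp else "mismatch"

# Constructed sample data: the client sits on an intercepted path and sees MITM.
KEY = b"constructed-out-of-band-key"
HOST = "example.org"
HONEST = fingerprint(b"constructed honest certificate")
MITM = fingerprint(b"constructed interceptor certificate")
honest_reports = {"vantage-a": HONEST, "vantage-b": HONEST, "vantage-c": HONEST}
honest_tag = tag_reports(KEY, HOST, honest_reports)
forged_reports = {name: MITM for name in honest_reports}  # reply rewritten in transit

def demo():
    return {
        "authentic_reply": check_host(HOST, MITM, honest_reports, honest_tag, KEY),
        "rewritten_reply_tofu_only": check_host(HOST, MITM, forged_reports, "forged", None),
        "rewritten_reply_pinned_key": check_host(HOST, MITM, forged_reports, "forged", KEY),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The TOFU-only case reports a match for the intercepted certificate, while the same rewritten reply is rejected once the client holds a key for the observatory that did not arrive over the intercepted path.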