Gemini TOFU

[makew0rld]

Gemini TLS certificates use a TOFU system for authentication. I noticed the README said "No certificate management code yet" for Gemini, so I hoped my blog post on implementing TOFU could be of use. I don't know Javascript so I can't contribute directly, but I hope this helps!

gemini://makeworld.space/gemlog/2020-07-03-tofu-rec.gmi (Portal)

Let me know if you have any questions! Note that this post doesn't discuss general certificate checks that should be done, like expiry date and hostname (and subjectAltName) validation.

[RangerMauve]

What sort of prompts do you think would make sense in agregore? I was thinking a simple confirmation dialog like Do you trust certificiate [SIGNATURE HERE] for [DOMAIN HERE]? y/n.

Also would you be up for opening an issue in gemini-fetch to mention tracking the signature and prompting users to verify it? https://github.com/RangerMauve/gemini-fetch

[makew0rld]

What sort of prompts do you think would make sense in agregore? I was thinking a simple confirmation dialog like Do you trust certificiate [SIGNATURE HERE] for [DOMAIN HERE]? y/n.

Note that you only want to have such a prompt if the certificate changes before expiring. As for what to say, that's good enough, although sometimes it's nice to explain more. Amfora says the following:

example.com's certificate has changed, possibly indicating an security issue. The certificate would have expired [in one month, next week, etc]. Are you sure you want to continue?

Note that it doesn't include the signature, which could be a pro or con.

Also would you be up for opening an issue in gemini-fetch to mention tracking the signature and prompting users to verify it? https://github.com/RangerMauve/gemini-fetch

I'm not sure if that really applies to a low level library like gemini-fetch. I have a similar lib, go-gemini, and all I do there is do basic checks like I mentioned above: expiry, hostname, status code validation, etc.