[spec] Certificate trust
stephane at sources.org
Mon Mar 1 09:17:49 GMT 2021
On Sun, Feb 28, 2021 at 08:27:26PM +0100,
Côme Chilliet <come at chilliet.eu> wrote
a message of 32 lines which said:
> The certificate trust is one of the weak point of the current
> specification I think, and it would need to be clarified.
I agree with your statement. With the new issue tracking system that
Sean configured, this is ticket #5
> Secondly, there is the good old CA system, nowadays mostly using
> letsencrypt. It seems badly supported in most clients which still
> use TOFU in this case and will complain at each renewal.
More precisely, each renewal, BY DEFAULT. But Let's Encrypt lets you
request that we keep the public key, and then TOFU will still work iff
it acts on the public key only.
If you use the ACME client dehydrated, this is in the configuration file:
With the ACME client certbot, this is an option on the command-line:
> A third possibility I think would be to use DANE and base validation
> on the DNS system, but I’ve not seen anyone advocating this, is
> there anything wrong with that idea?
This is certainly the best solution, technically
speaking. Unfortunately, adding DANE support to your Gemini client
typically requires some effort, the existing libraries are typically
not sufficient. (Full disclosure: I did not even add DANE support to
my own Gemini client, despites the fact I'm strongly pro-DANE.)
Also, the Internet is very ossified by broken middleboxes (typically
firewalls but not only them) and TLSA requests may be blocked (or,
worse, any DNSSEC use, which DANE requires). This is something to keep
> I’m failing to see how TOFU can provide any security, especially if
> there is no way to announce a renewal by sending both new and old
> cert or something, there is a MITM possibility at each renewal. The
> only TOFU example I’ve seen cited is openssh, which seems offtopic
> because you usually do not ssh into random machine on the internet
> by following links like you do with Gemini.
I fully agree. TOFU is great for SSH but Gemini is completely
More information about the Gemini