[spec] Certificate trust

devel at datenbrei.de devel at datenbrei.de
Mon Mar 1 17:21:29 GMT 2021


Am 28.02.21 um 23:07 schrieb Martin Keegan:
> On Sun, 28 Feb 2021, Côme Chilliet wrote:
> 
>> I’m failing to see how TOFU can provide any security, especially if
> 
> Does SSH provide any security

In all of my life I used ssh to administer servers which had been my own 
or had been owned by the company I had been working on. So, if I set up 
a server from scratch I always did know exactly, why my ssh did warn me 
  about a mismatch.

Using servers of others gives a totally different situation. I don't 
know anything why or by whom a certificate had been changed. Anyways, if 
I gave trust to somebody the first time, why should I not trust him the 
next time? No matter for me if I'm just reading Gemini pages.

Martin


More information about the Gemini mailing list