Updated recommendations regarding TOFU & TLS
petite.abeille at gmail.com
Thu Mar 4 17:43:03 GMT 2021
> On Mar 4, 2021, at 18:36, Drew DeVault <sir at cmpwn.com> wrote:
> The server generates a certificate and it just works. This is much easier.
True. Especially because no one verifies the resulting certificate at all. Easy-peasy indeed.
Actually, one could not bother at all as there is no chain of trust to speak of. Even easier.
What's the point? Honest question.
What's the [threat|trust|usage] model?
More information about the Gemini