> On Mar 5, 2021, at 00:13, Phil Leblanc <philanc at gmail.com> wrote: > > On Thu, Mar 4, 2021 at 11:05 PM Petite Abeille <petite.abeille at gmail.com> wrote: >> >>> so, "Petite Abeille" sounds more positive to me :-) >> >> An apiculturists commune this is not. > > Right. What an amazing thread... You are not saying :P > Anyway, thanks to Drew DeVault for his TOFU/TLS recommendations. I am > not sure any of the 36+ following replies related to it - but I may > have missed some :-) Not really, no. Mostly pests control. Go figure. That said, I still don't get the TOFU usage model in the context of Gemini... not that I necessarily need to understand it to have a good night sleep, but still... out of curiosity... In ssh, I know the host, therefore I trust the key. Plus, this happens only every blue moon. No brainer. Not so in the wild-wild Gemini space. Infinite number of esoteric, fly-by-night operators. All harmless for sure, but still. What's the trust model, if any? Or is it more like Trust-And-Pray (TAP)? In which case, why bother? Just ignore all certificates and be merry. This is what a Little Bee impersonator had to say on GitLab: Trust on first use (TOFU) is akin to unprotected intercourse: you must trust your partner to keep Gonorrhea at bay. No trust, no use. https://gitlab.com/gemini-specification/protocol/-/issues/5#note_522445814 It was not well received, needless to say. That much is clear. ?0?
---
Previous in thread (37 of 47): 🗣️ Phil Leblanc (philanc (a) gmail.com)
Next in thread (39 of 47): 🗣️ Petite Abeille (petite.abeille (a) gmail.com)