💾 Archived View for rawtext.club › ~sloum › geminilist › 002101.gmi captured on 2020-09-24 at 01:26:01. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Solderpunk solderpunk at posteo.net
Tue Jul 7 10:53:34 BST 2020
- - - - - - - - - - - - - - - - - - -
On Tue Jul 7, 2020 at 5:20 AM CEST, Michael Lazar wrote:
> Servers can still rotate key pairs without introducing the attack vector of expiring the old ones [2]. As soon as a client connects to a server and accepts the new keypair, any old certs should automatically become invalid to that client, because they're not the trusted "first-use" certificate anymore. It's not like a CA system where there can be multiple valid keypairs live at the same time. This is also true for transferring domain ownership.
You're right that TOFU clients should in general only have a single actively trusted key on record for each server.
I guess I see the main utility of explicit expiration dates in this context as being a kind of promise from the server admin that "I have no plans to do a key rotation for about this length of time". This means that apparent MITM attacks happening at a time when there's a lot of validity left can be treated with much higher suspicion.
> You would need some overlap in the validity periods to allow time to swap out the keys on the server.
Sure.
> Honestly though, this sounds like an obtuse way to avoid using a CA. Once you are employing certificate chains is it really self-signed anymore? Generate your own CA with a 100-year expiration and stick *that* on the USB drive.
Well, that's sort of what that idea is, at core: being your own CA. TOFU clients treating certificates that they've trusted once as CAs of very limited power (only able to sign future certs for that one domain, and perhaps only good for a single signature) is an interesting way to get from "trusting on blind faith every time a new cert comes down the line" to "trusting on blind faith once at the very beginning and then building up strong trust over time that you're always interacting with the same party". That second situation, if we can get there, is, I would argue, good enough for Geminispace - and, arguably, a lot more like how trust in the real world works.
Cheers,
Solderpunk
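
The client-side policy discussed in this message, sketched as an added example (not part of the original post and not code from any Gemini client): one pinned certificate per host, with a changed certificate rated by how much of the pinned certificate's stated validity was still left. The `Cert` and `TofuStore` names, the verdict strings and the 30-day rotation window are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Cert:
    fingerprint: str     # e.g. SHA-256 of the DER certificate (constructed here)
    not_after: datetime  # expiry date read from the certificate


class TofuStore:
    """Keeps a single actively trusted certificate on record per host."""

    def __init__(self, overlap=timedelta(days=30)):
        self.pins = {}          # host -> Cert
        self.overlap = overlap  # assumed window in which a rotation is expected

    def check(self, host, cert, now):
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = cert  # first use: trusted on blind faith, once
            return "trusted-first-use"
        if cert.fingerprint == pinned.fingerprint:
            return "ok"
        # The certificate changed. The pinned expiry date is read as the
        # admin's promise not to rotate before then, so the more validity
        # that was left, the more the change looks like interception.
        remaining = pinned.not_after - now
        if remaining <= self.overlap:
            return "plausible-rotation"
        return "suspicious-change"

    def accept(self, host, cert):
        """The user accepted the new certificate; the old pin is replaced."""
        self.pins[host] = cert


if __name__ == "__main__":
    now = datetime(2020, 7, 7, tzinfo=timezone.utc)  # constructed sample data
    store = TofuStore()
    old = Cert("aa", now + timedelta(days=300))
    new = Cert("bb", now + timedelta(days=700))
    print(store.check("example.org", old, now))
    print(store.check("example.org", new, now))
    print(store.check("example.org", new, now + timedelta(days=280)))
```

Because `accept` overwrites the pin, the previous certificate stops being trusted by that client as soon as the new one is accepted, which is the behaviour the quoted text describes.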