πΎ Archived View for rawtext.club βΊ ~sloum βΊ geminilist βΊ 001810.gmi captured on 2020-10-31 at 02:32:05. Gemini links have been rewritten to link to archived content
β¬ οΈ Previous capture (2020-09-24)
-=-=-=-=-=-=-
colecmac at protonmail.com colecmac at protonmail.com
Sat Jun 20 01:22:13 BST 2020
- - - - - - - - - - - - - - - - - - -
Two quick takeaways I made that I will add to Amfora:
makeworld
βββββββ Original Message βββββββOn Friday, June 19, 2020 4:03 PM, solderpunk <solderpunk at SDF.ORG> wrote:
On Fri, Jun 19, 2020 at 06:51:35PM +0000, colecmac at protonmail.com wrote:
Whether this is specced (as an optional client behaviour) or not, I think
the spirit of "mostly secure" suggests that at the very least, simple clients
should look at cert hash and expiry, and not just the cert public key as Felix
suggested in this thread originally. I think it'd be nice to see this suggestion
in the Best Practices file, if you agree.
I want to setup an entirely separate document on TOFU practices! I
don't want to rush into it, though. I am planning to read this paper
over the weeekend:
https://rp.delaat.net/2012-2013/p56/report.pdf
Feel free to join in!
Cheers,
Solderpunk