💾 Archived View for bbs.geminispace.org › s › misfin › 1095 captured on 2023-07-22 at 17:09:02. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-07-10)

➡️ Next capture (2023-09-08)

🚧 View Differences

-=-=-=-=-=-=-

I was working on the Tofu verifier for my misfin library and it struck me how much more work it is from a developer standpoint than it would be to just use CA signed certificates. I know it's easier for the end user to set up a server without getting certificates, but with LetsEncrypt and Acme it's not really all that much work.

I thought much the same when working with the Gemini spec a while back. In fact, I found a lot of projects when looking for examples where they were just using a dummy verifier and not doing any validity checks. Since most libraries expect you to use normal CA certs that's definitely the happy path in most languages, and I wonder if we're repeating an earlier mistake.

Posted in: s/misfin

🦀 jeang3nie

2023-05-26 · 8 weeks ago · 👍 ttocsneb