💾 Archived View for rawtext.club › ~sloum › geminilist › 006275.gmi captured on 2023-11-14 at 09:29:34. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
nervuri nervuri at disroot.org
Sun Apr 4 20:02:10 BST 2021
- - - - - - - - - - - - - - - - - - -
On Thu, 2021-03-04, Drew DeVault wrote:
Hello! I have recently announced some upcoming changes to my Gemini
software implementations with respect to TLS and TOFU:
https://lists.sr.ht/~sircmpwn/gmni-discuss/%3CC9OP7IK9T9EP.15EOEOOS7QSB9%40taiga%3E
I've also updated my older TOFU recommendations article to reflect the
changes:
gemini://drewdevault.com/2020/09/21/Gemini-TOFU.gmi
A few observations:
1. Not storing the port means that the client can't adequately supportdifferent certs being served on different ports. You can test with:
wikipedia.geminet.orgwikipedia.geminet.org:1966
2. Not storing the expiration timestamp means that the client can'tissue a less scary warning when it receives a new cert after the old oneexpired (or when it's about to expire).
Solderpunk argued in favor of clients using expiration dates, for ex:https://lists.orbitalfox.eu/archives/gemini/2020/002101.html
I guess I see the main utility of explicit expiration dates in this
context as being a kind of promise from the sever admin that "I have no
plans to do a key rotation for about this length of time". This means
that apparent MITM attacks happening at a time when there's a lot of
validity left can be treated with much higher suspicion.
3. A cert can be renewed without changing its public key, so storing ahash of the SPKI (SubjectPublicKeyInfo) instead of the entirecertificate means potentially less unnecessary warning messages forusers. Here's the OpenSSL command to extract the SHA512 hash of theDER-encoded SPKI:
openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha512 -binary | openssl enc -base64 -A
I used base64 at the end to get a shorter string.
And here's the command one would use to renew a cert without changing keys:
openssl req -new -x509 -key private_key.pem -out new_cert.pem -subj "/CN=example.com" -days 36500
It generates a certificate valid for 100 years using the old key.Amfora uses the SPKI, so it wouldn't raise a warning about this new cert.