💾 Archived View for rawtext.club › ~sloum › geminilist › 005942.gmi captured on 2023-12-28 at 16:26:25. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
Petite Abeille petite.abeille at gmail.com
Thu Mar 4 23:25:52 GMT 2021
- - - - - - - - - - - - - - - - - - -
On Mar 5, 2021, at 00:13, Phil Leblanc <philanc at gmail.com> wrote:
On Thu, Mar 4, 2021 at 11:05 PM Petite Abeille <petite.abeille at gmail.com> wrote:
so, "Petite Abeille" sounds more positive to me :-)
An apiculturists commune this is not.
Right. What an amazing thread...
You are not saying :P
Anyway, thanks to Drew DeVault for his TOFU/TLS recommendations. I am
not sure any of the 36+ following replies related to it - but I may
have missed some :-)
Not really, no. Mostly pests control. Go figure.
That said, I still don't get the TOFU usage model in the context of Gemini... not that I necessarily need to understand it to have a good night sleep, but still... out of curiosity...
In ssh, I know the host, therefore I trust the key. Plus, this happens only every blue moon. No brainer.
Not so in the wild-wild Gemini space.
Infinite number of esoteric, fly-by-night operators.
All harmless for sure, but still.
What's the trust model, if any?
Or is it more like Trust-And-Pray (TAP)?
In which case, why bother? Just ignore all certificates and be merry.
This is what a Little Bee impersonator had to say on GitLab:
Trust on first use (TOFU) is akin to unprotected intercourse: you must trust your partner to keep Gonorrhea at bay.
No trust, no use.
https://gitlab.com/gemini-specification/protocol/-/issues/5#note_522445814
It was not well received, needless to say.
That much is clear.
±0¢