💾 Archived View for gemini.bunburya.eu › newsgroups › gemini › messages › t8rstm$3mo$1@gioia.aioe.or… captured on 2024-05-26 at 15:14:05. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-07-16)
-=-=-=-=-=-=-
From: tpt <Rajoduo@yahoo.com>
Subject: Re: Certificate renewal under TOFU?
Date: Tue, 21 Jun 2022 09:44:53 +0200
Message-ID: <t8rstm$3mo$1@gioia.aioe.org>
On 18-Jun-22 20:24, danrl wrote:
On 2022-06-02, mbays@sdf.org <mbays@sdf.org> wrote:
> gemini://gemini.thegonz.net/certRecs.gmi
This is very helpful. Thank you.
Although long validity times for certs make me uneasy when there is no
revocation lists, which brings us back to either PKI or DANE. Both seem better
suited for the job than TOFU to me. Luckily, we can combine them (somewhat).
Hypothetically speaking, what would be the arguments against using DANE
for Gemini? On first glance it seems like a perfect thing for the job.
Parent:
Re: Certificate renewal under TOFU? (by danrl <d@x.gl> on Sat, 18 Jun 2022 18:24:33 -0000 (UTC))
Start of thread:
Certificate renewal under TOFU? (by danrl <d@x.gl> on Mon, 30 May 2022 03:31:15 -0000 (UTC))
Children: