💾 Archived View for stack.tilde.cafe › gemlog › 2022-01-19.certifexp.gmi captured on 2024-06-16 at 12:40:20. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-09-08)
-=-=-=-=-=-=-
Ctrl-c.club's Gemini server certificate expired on 2022-01-16. What happens now?
TOFU (Trust On First Use) model, employed by Gemini, is a mixed bag of nuts. Gemini clients authenticate servers and encrypt communication, which is great - the ISP (or any man-in-the-middle) can't listen in. But how do we know that the server we connect to for the first time is real? We can exchange keys in secret, so no one else is involved, but how do we _authenticate_ the server? Without some authority vouching for it, we really can't.
The web resolves the issue by having a trusted central authority issue certificates, which guarantee authenticity (guarantee in human terms, not mathemetical terms). In reality, the guarantee is that the party you contacted has a certificate signed by the authority, which not quite what you want, but better than nothing. Gemini just avoids the issue and lets you decide whether you should trust random parties without any real way to verify who they are - the first time you connect. Once you approve the first contact, the site is assumed to be trustworthy. The certificates may be self-signed.
Is TOFU a good idea? Probably not, from the security standpoint. It reduces the attack window to the initial contact, but then gives you a fake sense of security on subsequent contacts. If you've been pawned the first time, you will continue to be mislead. It does cut out the short con, but you are open to the long con. If someone cared, they could continue to feed content identical to the real site, for instance, until some crucial time when false information is introduced, probably to your detriment.
In practice this is not an issue, as no one (yet) uses Gemini for banking or critical life-or-death applications. An even then, for this to work, the victim's very first contact with a bank over Gemini would have to be with the evil entity - the 'First Use' trust implies that anyone with a pre-established legitimate connection to a bank will reject the intruder's certificate as a forgery.
It's good to remember that there is no real reason to assume that any site on Gemeni is not evil.
TOFU practice seems to intuitively parallel our human experience with other humans. When we first meet someone, we trust them enough to establish the initial contact; we depend on our disposition, previous good or bad experiences, and perhaps even personality defects that make us too vulnerable or too paranoid.
After that, we mentally keep a 'trustworthiness' score - sometimes subconciously, sometimes very much in the open -- which helps us keep track of the reputation of the other party. We hear stories from friends or social media, and make decisions about how much to trust them.
Time is an important element - we are much more likely to trust an old friend than someone we just met.
In the digital domain, things are a little skewed, making time/experience-based reputation a little harder to trust. We deal with unknown parties without a physical presense or a legal consequence (in many cases). Building a reputation as a human is a long and expensive process, and not many would chose to lose it and start over in order to commit a petty crime. Online, thousands of entities may be harvested using automation, and a long con for something small can be made profitable through sheer numbers.
So one of the things each certificate contains is an expiration date. When Gemini started up, no one gave much thought of when to expire their certificates. In fact it may even seem like a good idea to expire a certificate soon and replace it with a new one annually - that's how the big boys do it. Largely for capitalist reasons, since they want to sell you the signing services.
So many certificates are expiring. Ctrl-c.club's certificate is one of them. Every time you access this site (for now) you will see a security warning about the expired certificate. Scary! You need to actively defeat the security that Gemini is so proud of (kind of). And some browsers keep an alert around to remind you that the certificate is not valid even after you approve it. And keep reminding you, over and over.
You can't update the expiration date of a certificate - you have to make a new one. But when ctrl-c.club decides to do that, an even worse security alert will pop up, letting you know that the site you connected to has an entirely different certificate and is likely to be a forgery. Do you want to trust it? Yes or no? That is truly terrifying!
Now you have to make a decision. Is ctrl-c.club compromised? Are you connecting to the real one or did someone hack it? Remember, if you agree now, it is forever (or for the duration of the new certificate, which is hopefully, 100 years or maybe whatever the maximum is).
If you are not technically savvy, you watch this escalation with suspicion: first, it said that something expired and there is a security warning. Then, it got really bad and you are warned that the site may be a forgery. Time to call your nephew who works with computers.
No wonder ctrl-c is in no rush to replace their certificate with an unexpired one.
If you are technically savvy, the whole thing is really terrifying and you wonder: