💾 Archived View for bbs.geminispace.org › u › gemalaya › 17630 captured on 2024-06-16 at 15:00:31. Gemini links have been rewritten to link to archived content


Comment by 😺 gemalaya

Re: "Gemini connections are TOFU encrypted. Are all Misfin..."

In: s/misfin

@blah_blah_blah Hello. Here's what the original spec (by lem) says:

3.2 Certificate validation

Misfin clients and servers send certificates during a transaction, but have no obligation to verify these certificates; however, this is highly, highly discouraged.

Like Gemini, the default validation method for certificates is TOFU, or Trust on First Use. Misfin clients and servers should store the fingerprint of a received certificate the first time it is received, and subsequent certificates from that client or server should be matched against the stored fingerprint.

— https://git.sr.ht/~lem/misfin/tree/master/item/specification.gmi

😺 gemalaya

Jun 03 · 13 days ago

4 Later Comments ↓

🐐 satch · Jun 03 at 21:25:

Misfin messages are not end-to-end encrypted by default, but they are encrypted over the wire. End-to-end encryption is perfectly compatible with Misfin but out of scope for the spec.

😺 gemalaya · Jun 03 at 21:43:

By the way, here's the cert validation method in the Python impl :) Not even sure TOFU is implemented.

def _validate_nothing(conn, cert, err, depth, rtrn):
    """ Callback that lets us steal certificate verification from OpenSSL. """
    """
    This is !!!DANGEROUS!!! but necessary to allow us to accept
    self-signed certs.
    """
    return True
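
The TOFU rule quoted from the spec above (store the fingerprint the first time a certificate is received, match later certificates against it), as an added example that is not part of this thread or of the Misfin Python implementation. The peer key (a mailbox address), the JSON pin file and the sample certificate bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

FIRST_USE, MATCH, MISMATCH = "first-use", "match", "mismatch"


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded certificate, as hex."""
    return hashlib.sha256(der_cert).hexdigest()


class TofuStore:
    """Pins one fingerprint per peer; the peer key (address or host) is an assumption."""

    def __init__(self, path):
        self.path = Path(path)
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def check(self, peer: str, der_cert: bytes) -> str:
        seen = fingerprint(der_cert)
        pinned = self.pins.get(peer)
        if pinned is None:
            # First use: nothing to compare against, so record the fingerprint.
            self.pins[peer] = seen
            self._save()
            return FIRST_USE
        # Later use: a different certificate is reported and never overwrites the pin.
        return MATCH if hmac.compare_digest(pinned, seen) else MISMATCH

    def _save(self):
        # Write to a temp file and rename, so a crash cannot truncate the pin file.
        tmp = self.path.with_suffix(".tmp")
        tmp.write_text(json.dumps(self.pins, indent=2, sort_keys=True))
        tmp.replace(self.path)


def demo():
    # Constructed byte strings standing in for two DER certificates.
    cert_a, cert_b = b"constructed certificate A", b"constructed certificate B"
    peer = "alice@example.org"  # constructed address
    with tempfile.TemporaryDirectory() as d:
        pins = Path(d) / "pins.json"
        # A fresh TofuStore per call shows that the pin survives a restart.
        return [TofuStore(pins).check(peer, c) for c in (cert_a, cert_a, cert_b, cert_a)]
```

With the standard library's `ssl` module, `SSLSocket.getpeercert(binary_form=True)` returns the DER bytes that `check` expects. A `MISMATCH` result is left for the caller to surface; the stored pin is unchanged.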

😎 decant · Jun 04 at 01:20:

What is the role of the client cert in the whole scheme? Are the client/server public keys used to wrap up the session key for TLS? Sorry if the question is basic.

😺 gemalaya · Jun 04 at 09:13:

@decant The Misfin mail addresses are derived from the server/client X509 cert attributes. The client cert is the sender certificate, the server cert is the recipient mailbox certificate.

Original Post

🌒 s/misfin

Gemini connections are TOFU encrypted. Are all Misfin transactions conducted the same way, or is it optional? Any opinions on the privacy implications of using Misfin?

💬 blah_blah_blah · 5 comments · Jun 03 · 13 days ago