💾 Archived View for gemini.bunburya.eu › newsgroups › gemini › messages › t8rstm$3mo$1@gioia.aioe.or… captured on 2024-08-25 at 00:05:48. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-07-16)

-=-=-=-=-=-=-

Re: Certificate renewal under TOFU?

Message headers

From: tpt <Rajoduo@yahoo.com>

Subject: Re: Certificate renewal under TOFU?

Date: Tue, 21 Jun 2022 09:44:53 +0200

Message-ID: <t8rstm$3mo$1@gioia.aioe.org>

Message content

On 18-Jun-22 20:24, danrl wrote:

On 2022-06-02, mbays@sdf.org <mbays@sdf.org> wrote:
> gemini://gemini.thegonz.net/certRecs.gmi
This is very helpful. Thank you.
Although long validity times for certs make me uneasy when there is no
revocation lists, which brings us back to either PKI or DANE. Both seem better
suited for the job than TOFU to me. Luckily, we can combine them (somewhat).

Hypothetically speaking, what would be the arguments against using DANE

for Gemini? On first glance it seems like a perfect thing for the job.

Related

Parent:

Re: Certificate renewal under TOFU? (by danrl <d@x.gl> on Sat, 18 Jun 2022 18:24:33 -0000 (UTC))

Start of thread:

Certificate renewal under TOFU? (by danrl <d@x.gl> on Mon, 30 May 2022 03:31:15 -0000 (UTC))

Children:

Re: Certificate renewal under TOFU? (by Matthew Ernisse <matt@going-flying.com> on Thu, 23 Jun 2022 12:34:55 -0000 (UTC))