💾 Archived View for bbs.geminispace.org › s › Gemini › 1729 captured on 2024-12-17 at 11:39:26. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-26)
-=-=-=-=-=-=-
Basically, if someone else would make new identity after my name, how one could know it's not, well, me?
Like for PGP there is keyoxide.
https://keyoxide.org/akselmo%40akselmo.dev
Is there something similar for geminispace?
I assume one could add a fingerprint of their identity to their own site?
2023-06-09 · 2 years ago
🕹️ skyjake [mod...] · 2023-06-09 at 07:40:
There is nothing comparable to keyoxide on Gemini.
There are manual ways to provide some assurance, like:
🕹️ skyjake [mod...] · 2023-06-09 at 07:42:
I assume one could add a fingerprint of their identity to their own site?
A client certificate fingerprint that is corroborated from a secondary source might help a server verify your identity, but it's of limited use to other people, since you're not sending your certificate to them, only privately to the server.
🦎 Akselmo [OP] · 2023-06-09 at 08:32:
I see, thanks. Two way links seem the way to go. Also my cert is from letsencrypt, and Keyoxide shows it as mine as well.
🚀 jsreed5 · 2023-06-09 at 20:25:
For what it's worth, I use one client certificate everywhere, and I publish the SHA1 and SHA256 fingerprints of that certificate on my capsule. Unfortunately this is only useful to those who can see details about my certificate--which in practice is almost exclusively capsule operators. I think it would be handy if more capsules publicly displayed user certificate fingerprints (or gave the option to do so).
☕️ Morgan · 2023-06-10 at 07:33:
@jsreed5
Yes, that's the biggest missing piece I think.
🚀 stack · 2023-06-10 at 14:48:
Client certificates and TOFU are pretty much pointless as far as security or authentication goes (although makes it a tiny bit easier to track a session for a game, or lock up some resource only you yourself can see).