I'd like to suggest that, to supplement TOFU, we copy OpenSSH's trick of displaying a fingerprint as ASCII art. I just implemented this in my client diohsc; here's an example:

```
> g gemini.circumlunar.space >>> gemini://gemini.circumlunar.space Certificate chain: DST Root CA X3 >>> Let's Encrypt Authority X3 >>> gemini.circumlunar.space +-----[X509]------+ +-----[X509]------+ | .. . | | ... . | |o . . . . | | . o . | |+o . o o | | o o | |+E = . = | | . . o | | . + + ^ . | | . . o ^ | | . + * o | >>> | + + E | | . o . | | . @ . | | . | |.o + * | | | |B+..o | +----[SHA256]-----+ +----[SHA256]-----+ Let's Encrypt Authority X gemini.circumlunar.space Expires 2021-03-17 Expires 2020-08-01 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d >>> 2bba43d5886f92f4e3f1d0fc1d66d647c2b890965e8088f09d0345649bb5bd25 No previous certificate seen for this host -- trusting provided certificate! [press a key]
```

The idea is that these pictures are much easier for humans to recognise than long hex strings. So even if you don't have the fingerprint you're expecting saved to disk, you might be familiar enough with its picture that you can recognise if it's changed.

This is using the "drunken bishop" algorithm used by OpenSSH; it's pretty straightforward, and described nicely here:
http://www.dirk-loss.de/sshvis/drunken_bishop.pdf

(I'm using this nice Haskell implementation: https://hackage.haskell.org/package/drunken-bishop )

I think it might be nice if we had a cross-client convention to use these fingerprint pictures.

The pictures were wrong in my original post, sorry, I was accidentally rehashing the hash; in case anyone wants to use them to test their own implementation, I believe the correct pictures should be:

```
+-----[X509]------+ +-----[X509]------+ | ..+ooO++ | | .*+*o. . | | .++Bo+ + | | ..B.. . o . .. | | . oO o.+ o | | o . E . ....| | *=.= o o .| | ..o + o .o o.| | *.^*E... . | | o.oo^..o+.o | | . +.Boo . | >>> | . = o.+.... | | o . . | | + * . + | | o | | B + . . | | . | | ..=.. | +----[SHA256]-----+ +----[SHA256]-----+ Let's Encrypt Authority gemini.circumlunar.spac Expires 2021-03-17 Expires 2020-08-01
```
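
The walk behind these pictures, and the rehashing slip described in the correction above, as an added example that is not part of the original posts or of diohsc. It follows OpenSSH's 17x9 field and symbol set (so the start square is marked `S`); the function names and the stand-in certificate bytes are constructed for illustration.

```python
import hashlib

# Field size and symbol set as in OpenSSH's randomart: counters 0..14, then 'S' and 'E'.
SYMBOLS = " .o+=*BOX@%&#/^SE"
WIDTH, HEIGHT = 17, 9

def drunken_bishop(digest):
    """Walk the bishop over the field, two bits per move, and return the 9 rows."""
    field = [[0] * WIDTH for _ in range(HEIGHT)]
    x, y = WIDTH // 2, HEIGHT // 2            # the bishop starts in the centre
    cap = len(SYMBOLS) - 3                    # highest visit counter (index 14, '^')
    for byte in digest:
        for _ in range(4):                    # four bit pairs, least significant first
            x += 1 if byte & 1 else -1        # bit 0: right or left
            y += 1 if byte & 2 else -1        # bit 1: down or up
            x = min(max(x, 0), WIDTH - 1)     # walls stop the bishop
            y = min(max(y, 0), HEIGHT - 1)
            if field[y][x] < cap:
                field[y][x] += 1
            byte >>= 2
    field[HEIGHT // 2][WIDTH // 2] = len(SYMBOLS) - 2   # 'S' marks the start
    field[y][x] = len(SYMBOLS) - 1                      # 'E' marks the end
    return ["".join(SYMBOLS[v] for v in row) for row in field]

def border(label):
    pad = WIDTH - len(label) - 2
    return "+" + "-" * (pad // 2) + f"[{label}]" + "-" * (pad - pad // 2) + "+"

def cert_art(der, rehash=False):
    """Picture for the SHA-256 fingerprint of DER certificate bytes."""
    digest = hashlib.sha256(der).digest()     # the walk takes the raw 32 bytes
    if rehash:                                # the slip: hashing the fingerprint again
        digest = hashlib.sha256(digest).digest()
    rows = [f"|{r}|" for r in drunken_bishop(digest)]
    return "\n".join([border("X509")] + rows + [border("SHA256")])

if __name__ == "__main__":
    der = b"constructed stand-in for DER certificate bytes"   # not a real certificate
    print(cert_art(der))
    print(cert_art(der, rehash=True))         # a different, wrong picture
```

A rehashed fingerprint still produces a well-formed picture, so the mistake only shows up when the output is compared against another implementation fed the same digest.
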

> On Jun 20, 2020, at 13:59, mbays at sdf.org wrote:
>
> This is using the "drunken bishop" algorithm used by OpenSSH; it's pretty straightforward, and described nicely here:
> http://www.dirk-loss.de/sshvis/drunken_bishop.pdf

Cool. Further reading related to this technique:

Hash Visualization: a New Technique to improve Real-World Security
http://users.ece.cmu.edu/~adrian/projects/validation/validation.pdf