<-- back to the mailing list

Updated recommendations regarding TOFU & TLS

Petite Abeille petite.abeille at gmail.com

Thu Mar 4 17:43:03 GMT 2021

- - - - - - - - - - - - - - - - - - - 
On Mar 4, 2021, at 18:36, Drew DeVault <sir at cmpwn.com> wrote:
The server generates a certificate and it just works. This is much easier.

True. Especially because no one verifies the resulting certificate at all. Easy-peasy indeed.

Actually, one could not bother at all as there is no chain of trust to speak of. Even easier.

What's the point? Honest question.

What's the [threat|trust|usage] model?

https://en.wikipedia.org/wiki/Threat_model

±0¢