<-- back to the mailing list

[spec] Certificate trust

devel at datenbrei.de devel at datenbrei.de

Mon Mar 1 17:21:29 GMT 2021

- - - - - - - - - - - - - - - - - - - 

Am 28.02.21 um 23:07 schrieb Martin Keegan:

On Sun, 28 Feb 2021, Côme Chilliet wrote:
I’m failing to see how TOFU can provide any security, especially if
Does SSH provide any security

In all of my life I used ssh to administer servers which had been my own or had been owned by the company I had been working on. So, if I set up a server from scratch I always did know exactly, why my ssh did warn me about a mismatch.

Using servers of others gives a totally different situation. I don't know anything why or by whom a certificate had been changed. Anyways, if I gave trust to somebody the first time, why should I not trust him the next time? No matter for me if I'm just reading Gemini pages.

Martin