nervuri
/
gemini-certificate-validation-demo-1
forked from solderpunk/gemini-demo-1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Clarify README.

This commit is contained in:
nervuri 2022-02-17 18:20:22 +00:00
parent c375807e26
commit 1bd6c34c11
1 changed files with 14 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
README.md
View File

@ -1,23 +1,20 @@
# gemini-certificate-validation-demo-1
This is a minimal Gemini client capable of (self-signed) certificate
validation using the additional network perspective of a Tor exit node.
When the client encounters a new certificate for a host, it makes a TLS
connection to the same host via Tor, in order to obtain its certificate
from a second vantage point. The user is notified on certificate
mismatch or connection failure.
Minimal Gemini client capable of (self-signed) certificate validation
using the additional network perspective of a Tor exit node.
This method should detect any local man-in-the-middle attack
(originating from the same LAN, for instance) and should also provide
protection over a more or less broad area of the Internet, depending on
the exit node's position in the network graph and its DNS resolution
setup. Any attack will trigger an alert unless it affects both the user
and the exit node (whether it's a BGP hijack, a DNS compromise or
whatever else).
When the client encounters a new TLS certificate for a host, it connects
to that same host via Tor, in order to obtain its certificate from a
second vantage point. The user is notified on certificate mismatch or
connection failure.
This validation method works best when the exit node is far from the
user's position. Users may configure Tor to select specific exit nodes
by setting
Any MITM attack (whether enabled by BGP hijack, DNS compromise or
whatever else) will trigger an alert unless it affects both the user and
the exit node at the same time. As such, this validation method works
best when the exit node and the user are far apart and are not using the
same DNS resolver.
Users may configure Tor to select specific exit nodes by setting
the [ExitNodes](https://2019.www.torproject.org/docs/tor-manual.html.en#ExitNodes)
and [StrictNodes](https://2019.www.torproject.org/docs/tor-manual.html.en#StrictNodes)
options in their `torrc` file. The `ExitNodes` option accepts
@ -29,7 +26,7 @@ ExitNodes {fr}
StrictNodes 1
```
False alarms can be triggered by MITM attacks on the exit node's end.
False alarms can be triggered by attacks on the exit node's end.
And, obviously, validation does not work for servers which block Tor.
Validated certificates are kept in memory for the duration of the