From 1bd6c34c11bd84567c3d1c3f31f640c8235146be Mon Sep 17 00:00:00 2001 From: nervuri Date: Thu, 17 Feb 2022 18:20:22 +0000 Subject: [PATCH] Clarify README. --- README.md | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 45fc60a..9ebf535 100644 --- a/README.md +++ b/README.md 
@@ -1,23 +1,20 @@ # gemini-certificate-validation-demo-1 -This is a minimal Gemini client capable of (self-signed) certificate -validation using the additional network perspective of a Tor exit node. -When the client encounters a new certificate for a host, it makes a TLS -connection to the same host via Tor, in order to obtain its certificate -from a second vantage point. The user is notified on certificate -mismatch or connection failure. +Minimal Gemini client capable of (self-signed) certificate validation +using the additional network perspective of a Tor exit node. -This method should detect any local man-in-the-middle attack -(originating from the same LAN, for instance) and should also provide -protection over a more or less broad area of the Internet, depending on -the exit node's position in the network graph and its DNS resolution -setup. Any attack will trigger an alert unless it affects both the user -and the exit node (whether it's a BGP hijack, a DNS compromise or -whatever else). +When the client encounters a new TLS certificate for a host, it connects +to that same host via Tor, in order to obtain its certificate from a +second vantage point. The user is notified on certificate mismatch or +connection failure. -This validation method works best when the exit node is far from the -user's position. Users may configure Tor to select specific exit nodes -by setting +Any MITM attack (whether enabled by BGP hijack, DNS compromise or +whatever else) will trigger an alert unless it affects both the user and +the exit node at the same time. As such, this validation method works +best when the exit node and the user are far apart and are not using the +same DNS resolver. + +Users may configure Tor to select specific exit nodes by setting the [ExitNodes](https://2019.www.torproject.org/docs/tor-manual.html.en#ExitNodes) and [StrictNodes](https://2019.www.torproject.org/docs/tor-manual.html.en#StrictNodes) options in their `torrc` file. 
The `ExitNodes` option accepts @@ -29,7 +26,7 @@ ExitNodes {fr} StrictNodes 1 ``` -False alarms can be triggered by MITM attacks on the exit node's end. +False alarms can be triggered by attacks on the exit node's end. And, obviously, validation does not work for servers which block Tor. Validated certificates are kept in memory for the duration of the
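Review bot: the rewritten paragraph `+Any MITM attack (whether enabled by BGP hijack, DNS compromise or +whatever else) will trigger an alert unless it affects both the user and +the exit node at the same time.` states a stronger guarantee than the text it replaces, which qualified the protection as depending on the exit node's position in the network graph and its DNS resolution setup. Consider keeping that qualifier, since the exception the new sentence names (an attack affecting both vantage points) is not exotic: a hijacked prefix upstream of both the user and the exit, or a resolver both happen to use, satisfies it. Separately, `+second vantage point. The user is notified on certificate mismatch or +connection failure.` leaves open whether the client still completes the request after a mismatch; the README should say whether the client fails closed or only warns.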
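Review bot: dropping "MITM" in `+False alarms can be triggered by attacks on the exit node's end.` broadens the sentence without saying what else is now covered; spell out that an exit node that itself tampers with the TLS handshake, or that is subject to a hijack or DNS compromise the user is not, shows up as a certificate mismatch. The next sentence, `validation does not work for servers which block Tor.`, would also benefit from stating how that manifests, since the intro treats connection failure as an alert condition and a reader may otherwise read every such alert as evidence of an attack.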