adds sshfp gemlog

atom.xml

@@ -4,7 +4,7 @@
   <title>tomasino@tilde.team</title>
   <link rel="alternate" href="gemini://tilde.team/~tomasino/"/>
   <link rel="self" href="gemini://tilde.team/~tomasino/atom.xml" />
-  <updated>2021-02-27T16:50:00Z</updated>
+  <updated>2021-03-13T00:00:00Z</updated>
   <id>gemini://tilde.team/~tomasino/</id>
 
   <author>
@@ -12,6 +12,20 @@
     <uri>gemini://tilde.team/~tomasino/about.txt</uri>
   </author>
 
+  <entry>
+    <title>SSHFP and the TOFU issue</title>
+    <link href="gemini://tilde.team/~tomasino/journal/20210331-sshfp-and-the-tofu-issue.gmi"/>
+    <id>gemini://tilde.team/~tomasino/journal/20210331-sshfp-and-the-tofu-issue.gmi</id>
+    <updated>2021-03-31T11:38:00Z</updated>
+  </entry>
+
+  <entry>
+    <title>Vintage TV: Superman (1952) - Part 4 - The Forever King</title>
+    <link href="gemini://tilde.team/~tomasino/vintagetv/superman-04.gmi"/>
+    <id>gemini://tilde.team/~tomasino/vintagetv/superman-04.gmi</id>
+    <updated>2021-03-13T00:00:00Z</updated>
+  </entry>
+
   <entry>
     <title>Alt Text</title>
     <link href="gemini://tilde.team/~tomasino/journal/20210227-alt-text.gmi"/>

index.gmi

@@ -10,6 +10,7 @@
 => /~tomasino/vintagetv/superman-01.gmi 2020-05-17 Superman - Part 1
 => /~tomasino/vintagetv/superman-02.gmi 2020-05-26 Superman - Part 2
 => /~tomasino/vintagetv/superman-03.gmi 2020-06-15 Superman - Part 3
+=> /~tomasino/vintagetv/superman-04.gmi 2021-03-13 Superman - Part 4
 
 ## Recent Journal Entries
 
@@ -17,6 +18,7 @@
 => /~tomasino/journal/20200813-keyboard-layouts.gmi 2020-08-13 Keyboard Layouts (Re: Cadey)
 => /~tomasino/journal/20200816-gnome-workspaces.gmi 2020-08-16 Gnome Workspaces
 => /~tomasino/journal/20210227-alt-text.gmi 2021-02-27 Alt Text
+=> /~tomasino/journal/20210331-sshfp-and-the-tofu-issue.gmi SSHFP and the TOFU issue
 
 ## Role Playing Games
 

journal/20210331-sshfp-and-the-tofu-issue.gmi

@@ -0,0 +1,24 @@
+# SSHFP and the TOFU Issue
+
+When a user connects to an unknown ssh server for the first time they are presented with the host key fingerprint for that server and recommended to confirm that this host key is correct. The expectation is that a user will look out-of-bounds for that, by making a phone call, sending an email, looking something up online, etc. It's often ignored, but for that do it often results in looking on a website for the fingerprint in a footer or about page.
+
+A few months back I speculated that it would be better to store this fingerprint in a DNS txt record than on a website that's most likely hosted on the same server you're logging into. If that server were compromised or hijacked it would be trivial for the bad actor to update the fingerprint on the website since they now control that too. It would be much harder, though, to compromise the DNS entries at the same time as the server.
+
+Fast-forward to today when I checked with a friend more experienced at DNS things than I am to see if I was reinventing the wheel. Sure enough, I was.
+
+Allow me to introduce you to the SSHFP Record:
+
+=> https://en.wikipedia.org/wiki/SSHFP_record SSHFP Record on Wikipedia
+
+This is far superior to my basic txt entry idea because it provides a reliable mechanism to automate verification of that fingerprint by providing all the relevant details. It also notes on the wiki page that with DNSSEC in place you can be assured of a chain-of-trust.
+
+Now we're faced with an extremely similar challenge in Gemini with TLS and TOFU (trust on first use). If we look to the pattern established already by SSHFP we could easily copy that to create a GEMINIFP record that achieves the same result. Chain-of-trust without a central authority!
+
+Have at it, nerds. Set the mailing list aflame with discussion.
+
+
+Originally Published 2021-03-31 at:
+gemini://tilde.team/~tomasino/journal/20210331-sshfp-and-the-tofu-issue.gmi
+
+If you have questions or thoughts to add please send me a link to your response.
+=> /~tomasino/about.txt Contact Information

journal/index.gmi

@@ -13,3 +13,5 @@
 => /~tomasino/journal/20200813-keyboard-layouts.gmi 2020-08-13 Keyboard Layouts (Re: Cadey)
 => /~tomasino/journal/20200816-gnome-workspaces.gmi 2020-08-16 Gnome Workspaces
 => /~tomasino/journal/20210227-alt-text.gmi 2021-02-27 Alt Text
+=> /~tomasino/journal/20210331-sshfp-and-the-tofu-issue.gmi SSHFP and the TOFU issue
+

vintagetv/superman-04.gmi

@@ -6,12 +6,29 @@
 => /~tomasino/vintagetv/superman-02.gmi Read Part 2
 => /~tomasino/vintagetv/superman-03.gmi Read Part 3
 
-A common theme 
+Superman is the story of unbalanced power, the ultimate in might makes right. The stories wear a disguise not unlike Clark Kent himself, at once obvious yet uncomprehendingly effective. This disguise of righteousness whether through moral sensibility, personal code, "The American Way", or similar credo is belied through the many examples where personal interest took precedence. It is our collective failure to recognize these actions for what they are that allows this Clark Kent persona to persist.
 
+In 2003 Mark Millar created the 3-issue comic "Red Son", a story which asked the simple question, "What if Superman had been raised in the Soviet Union?" In the short run it manged to thoroughly call into question our choice to hand over power to this alien on the premise that the shares our ideals. What if the situation were reversed? Is it ethical to enforce our views of society upon the world with a super-power? Will it not inevitably lead to a build-up of power to counter Superman or increase the fanatical rebellion into further extremes?
 
+Watching the concluding seasons of the 1950s Superman television program raises similar questions about the long-term viability of an immortal, omnipotent guardian of our values. For all the liberal leanings of the Daily Planet at the time, the moral code espoused by our hero has become quickly dated. Ignoring the obvious areas of minority and women's rights, lets look at some basic examples:
 
+The fourth amendment to the constitution states: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." Here's a line Superman simply disregards as a matter of course. Whether he is flying in through an open window, removing and then replacing a door, or simply peeping through walls with his x-ray vision, there is no doubt that Superman has no respect for the rights of people to be secure against unreasonable searches. In fact, his snooping is used several times as justification for police to search with probable cause. This surely would be torn apart in a court of law.
 
-Originally Published 2020-11-07 at:
+I could likewise do the same with amendments 5, 6, or 7. Where Superman's needs for secrecy come into play, due process disappears. I point you back to my earlier essays with examples of Superman committing crimes of false imprisonment and manslaughter to protect his secret. His respect for law & order is a farce of convenience which he sheds as necessary. In the final seasons we see several episodes where Superman is arrested for suspicion of a crime ("Divide and Conquer", "The Town That Wasn't", etc) only to break out when the moment needs.
+
+Regardless of his appreciation for the laws of humanity Superman clearly does follow a code. It is based, we must assume, upon his upbringing by the Kent family. Their early-twentieth-century morality has been deeply instilled and that sense of right and wrong and need for justice drives his actions. But what comes of the world when that morality no longer fits? What happens when a criminal isn't some organized crime boss with sights set on world domination but rather a desperate single father who is struggling through a lack of social support systems? What about crimes that shouldn't be, like feeding the homeless in Atlanta?
+
+As society changes or morals and laws must change with them. What was seen as righteous by one age may seem criminal by the next. The burden of self-governance is just that. We must always perpetually struggle toward a greater justice. Or not. Perhaps the next group in power will favor a select minority over all others once again. In either case the rules of society are not static. Our morality is not static. It evolves and grows through greater understanding of one another. And so what part can an unchanging, all-powerful being have in that world?
+
+Superman represents many things: the American ideals of a specific point in time, the hope for a father-figure who can make right the wrongs in the world, a savior who shares the personal values of the average person. He also represents the ultimate strong-arm of the law, the forceful oppression of resistances to a singular ultimate truth and justice. Superman, in a very real sense, represents the fascist ideal.
+
+What? But Superman fought the Nazis! Yes, his purpose is clear in war effort and in support of a local nationalist pride. And yes, his particular brand of mid-western morality seems antithetical to the atrocities of fascist regimes. Yet what else is he but a dictatorial presence pushing for a singular view of what it means to be American, or indeed, human. The longer he remains present and relevant the more his ideas will seem conservative and old-fashioned. Instead of the bigotry of a demonized "other" we have a literal super-being to hold up as our master race ideal. And if we are to imitate that being as all-but-divine, our own use of force to solve our problems is sure to follow.
+
+The danger of a Superman Forever-King is the danger of an endless fascist state. It would surely lead to increased worldwide tensions, rebellion, arms races, and desperate actions by those seeking to break free of the tyranny to come. In the end I don't suppose it would be much different than the events in Red Son.
+
+I, for one, am glad it went off the air. It's unfortunate it also marked the end of George Reeves.
+
+Originally Published 2021-03-13 at:
 gemini://tilde.team/~tomasino/vintagetv/superman-04.gmi
 
 If you have questions or thoughts to add please send me a link to your response.