Olivier Migeot
6 ans auparavant

A naïve proposal to propagate server-certs (NOT CAs!) between Friendica/Red instance
This is probably un-doable and/or unsecure as hell. But if it works, it could be a sweet way to deal with the "no self-signed certs" rule on the Free Social Web.

The big picture

Every instance publishes her own certificate (self-signed or not) in a special place, referenced from .well-known. Servers discovers (but don't validate, more on that later) certificates from one another as messages go between them (probably in the same time they discover themselves through webfinger).

If they feel it's adequate - and verified and so on - server admins can chose to review and re-publish remote certs as being "verified". Users will then have access to a page showing every cert "trusted" by their Friendica's host, maybe with some information about it (expiration date, maybe a trick - https-hosted picture? - to show if it's already verified by the browser or not, etc.).
That way, people who can trust (for they already added its cert) ServerA might be able to see (and add) cert from ServerB, who AdminA chose to trust. If cert is "natively" (... montrer plus
7 commentaires montrer plus
Olivier Migeot
6 ans auparavant

@Emmanuel Revah

With things like that (http://www9.atwiki.jp/kurushima/pub/jsrsa/) you should be able to verify things client-side, but since pages are generated on the server (which could easily replace the verification routine by something that fits his needs), you're bound to trust the admin anyway.
Emmanuel Revah
6 ans auparavant

Well, you have to trust the admin for the ssl that you are connecting to, yes. That is user<->admin trust. Then infos pushed from node to node is admin<->admin. right ? I think we agree on that if I managed to follow. :]

In both cases there is always a client<->server relation going on, and that client (user or node) needs to verify a cert. Built in CAs help automate the trust (for a user as well as for a node). Replacing that system using DNS and/or the idea you suggested with peer review done by the nodes is neat.

As for the jsrsa, I'm not sure I got that, haven't time to dive in today, I haven't worked an inch today : ]
Signaler un bug