Trump cuts funding to FOSS projects.
-
Tofu stands for Trust on First Use. So basically, you would get an SSL certificate from the website the very first time you connected to it, instead of trusting a certificate authority. Then, if the SSL certificate changed, you would then be warned that the certificate had changed and would have to decide whether to trust the new certificate or not trust the new certificate. That's why I said perhaps search engines could index certificates and tell you how long the certificate has been active and you could check several engines quickly to determine whether each engine has the same certificate indexed for the same website and if they did not then you would know something might be up.
I don't feel like this adequately accounts for stupid people though. The number of times I've seen people freak out over a perfectly legit website because a cert warning popped up or others who have ignored the warning and clicked through to a scam or malware...
️ -
I don't feel like this adequately accounts for stupid people though. The number of times I've seen people freak out over a perfectly legit website because a cert warning popped up or others who have ignored the warning and clicked through to a scam or malware...
️Decentralization comes with some casualties, and stupid people might just be those casualties.
-
As far as Let's Encrypt goes, the easy way to solve that is self-signed SSL certificates and Tofu. Just make it stupid obvious if an SSL certificate changes on a site that you go to. Like, turn your browser into a giant red screen that says that the security of the website has changed and may be broken obvious. Maybe you could have search engines also index SSL certificates so you could see if Google and Bing and DuckDuckGo and whoever else all say that this website has the same SSL certificate that it has had for X amount of time and if the search engines start showing different results you get suspicious
i don't think this is a good idea. govs could just set up a big reverse proxy for lots of sites to serve them with their own certs, and you wouldn't know
-
i don't think this is a good idea. govs could just set up a big reverse proxy for lots of sites to serve them with their own certs, and you wouldn't know
Seems like no change from right now, because currently the certificate authorities are centralized entities, which could be pressured by governments to add their own certificates.
-
But i2p doesnt have PoW DDOS protection. Trust me, that shit helps a fuckton for limiting ddos. I witnessed firsthand nine onion services that upgraded from not having DDOS protection to having DDOS protection while under attack and the attack completely stopped.
Yeah, fair.
-
As far as Let's Encrypt goes, the easy way to solve that is self-signed SSL certificates and Tofu. Just make it stupid obvious if an SSL certificate changes on a site that you go to. Like, turn your browser into a giant red screen that says that the security of the website has changed and may be broken obvious. Maybe you could have search engines also index SSL certificates so you could see if Google and Bing and DuckDuckGo and whoever else all say that this website has the same SSL certificate that it has had for X amount of time and if the search engines start showing different results you get suspicious
How about a Blockchain or Directed Acyclic Graph (DAG) out of SSL certs
I think that would finally be a use case for that tech, lol
-
How about a Blockchain or Directed Acyclic Graph (DAG) out of SSL certs
I think that would finally be a use case for that tech, lol
A blockchain to verify ssl cert keys and changes may work. Though idk how consensus would be secured.
-
Tech bros are only interested in getting the results from open source. They want the free software from their slaves, they aren't interested in paying anything.
Tech companies, for a while, added a bit to open source as it was in their own self interest, but they still shut out everything that wasn't them, they still make the internet in the horrible stonewalled garden that it is today. No account? Half the internet isn't accessible to you anymore
Fuck all the big tech and social media companies
Tech bros are only interested in getting the results from open source
That's why we need the GNU AGPLv3
-
cross-posted from: https://programming.dev/post/28204065
This is it... This is the last straw!!! I was ok with the destruction of free trade, I was ok with the genocide funding, I was ok with the bastardisation of the administrative branch, and I was absolutely okay with the racism!!! But this, THIS??? ABSOLUTELY UNACCEPTABLE!!! As a MAGA supporter, I cannot stand for this any longer! You should be dismantling the minorities, not my website!!!
/s
-
A blockchain to verify ssl cert keys and changes may work. Though idk how consensus would be secured.
If you issue a certificate, you proof ownership via * challenge–response test that is validated by each node. If x% (like eg. 70%) of nodes agree that the test is passed, the block counts as validated and can be placed onto the chain. (Each node places the block on their chain and the hash must be same as hash of chain of majority of nodes)
-
System shared this topic
