commit: 8b2c376fd3081d934d33dc2d702dc1e3d21e6107
parent 6bf4cff2921f641a568c9cb637d7a6d012141aec
Author: Drew DeVault <sir@cmpwn.com>
Date: Mon, 21 Sep 2020 18:24:23 -0400
Fix algorithm issues
Diffstat:
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/content/blog/Gemini-TOFU.md b/content/blog/Gemini-TOFU.md
@@ -37,13 +37,13 @@ certificate, take the following steps:
dates against the current time, and check that the hostname is correct
(including wildcards). Apply any other scrutiny you want, like enforcing a
good hash algorithm or an upper limit on the expiration date. If these checks
- do not pass, the trust state is INVALID, GOTO 4.
+ do not pass, the trust state is INVALID, GOTO 5.
2. Compute the certificate's fingerprint. Use the entire certificate (in OpenSSL
terms, `X509_digest` will do this), not just the public key.[^1]
3. Look up the known_hosts record for this hostname. If one is found, but the
record is expired, disregard it. If one is found, and the fingerprint does
not match, the trust state is UNTRUSTED, GOTO 5. Otherwise, the trust state
- is TRUSTED. GOTO 6.
+ is TRUSTED. GOTO 7.
4. The trust state is UNKNOWN. GOTO 5.
5. Display information about the certficate and its trust state to the user, and
prompt them to choose an action, from the following options:
@@ -53,10 +53,10 @@ certificate, take the following steps:
must manually edit the known_hosts file to correct the issue.
6. Complete the requested action:
- If ABORT, terminate the request.
- - If TRUST_TEMPORARY, update the session's list of known hosts, then allow
- the request to proceed.
+ - If TRUST_TEMPORARY, update the session's list of known hosts.
- If TRUST_ALWAYS, append a record to the known_hosts file and update the
- session's list of known hosts, then allow the request to proceed.
+ session's list of known hosts.
+7. Allow the request to proceed.
If the trust state is UNKNOWN, instead of requring user input to proceed, the
implementation MAY proceed with the request IF the UI displays that a new
