SSLegance

Justin Tracey j2tracey at gmail.com
Fri Jul 26 10:58:50 PDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Trust On First Use. It's a key-exchange method where you trust the first
time you grab a key, and use that, instead of a cert-authority or
anything like that. It's used for SSH iirc, though I could be wrong. The
idea behind it is that unless the MITM performs a MITM the first time
and every time thereafter, you'll at least notice the attack, and likely
prevent it.

I was going to provide a Wikipedia link, but I couldn't seem to find
one, other than this one hidden in a user page.
https://en.wikipedia.org/wiki/User:Dotdotike/Trust_Upon_First_Use

On 07/26/2013 09:06 AM, tz wrote:
> Sorry for being slow, but what is TOFUing?
>
> On Fri, Jul 26, 2013 at 8:27 AM, Andy Isaacson <adi at hexapodia.org
<mailto:adi at hexapodia.org>> wrote:
>
>
>     I've run my primary browser with no trusted CAs, manually TOFUing
>     certificates for sites, for months on end.  It's slightly easier than
>     "view source" to use control-shift-K (in Firefox) and reload the page,
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBAgAGBQJR8rjVAAoJED2aKxR1HF9BsDkQAOiqrPvw6ClM5mZ3zdMgzZQ1
jsyKmZMCOEUJtrlJA2LGN6ybhQ0ESCubrBD9izHOt80fTqpYoDkd27ziwGeEUw/m
h3+VATV0zr0Pr569e71sIhsRs3rlGXJfDeoyDDJrb/t+fbSDXccecIpz8uQiByb6
hAAIqFGjFSozikAtdRfbeiXGBQQD6nlzzT6/FWZ5jygX4XElRvcF/ElEfsFJ2N6+
4oRMt6irhirDzPSCFuXtbSrNXZ+GQ7k3YRt2uC6uLzHEjpatbdVw420AQlm3fEZs
IN20NTIRHlJl81sB1a37d30JjqLI35f1HbUHBBuFO25ArUnTRQoN973D6vnSAZLj
v8/LFCYM+rhpabpZ21e2kBywJoo+t1iy9506VbGNyfZV4xxxVPaBVpwmANfoK0SO
MeHXfz8sTR7wjiMc/m735GLRCZMonYcejZ0BY9wDTBC9iCjaGB+6bFgcV4cop4vt
WakfqQKp1j+qrly5sZcRZG8AWQzCGlUbEkfXuknmEVSxED0zEE6DZlnEbYOftvoG
8M1Z8hMAI+sO4mhbyDEBbsY3y+GbfyShLFmyxR82HXh7Vw/NyYjkE4Px9uoGGwPl
hTgXOTxB/teA0jpVVO96SFG1YrhCt+98LlcCAKwM/xuv5jPVp9ipz0QuyF9C3AE3
EJfQHrhI/qyfoBCklYt+
=iakG
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2930 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20130726/05aafe57/attachment-0001.txt>


More information about the cypherpunks mailing list