=> Re: "Is that's safe to use same identity certificate for..." | In: s/Gemini
Oh, I see. Yes it will cost you the time to create a new certif, login, revoke the old certif and install the new certif, vs. logging in and just revoking the old one. If you can still get in.
It is a small win.
=> ๐ stack
Jan 13 ยท 7 days ago
=> ๐ฟ argenkiwi ยท Jan 13 at 00:17:
Yeah, not a great improvement, but if it is something you would still need to do, you may as well do it in advanced. The measures you take to protect the certificates are what will make a more significant difference overall.
Thanks for the discussion @stack, I've only started to get my head around indentities in the context of Gemini and it has given me a better mental picture of what is achievable and what isn't.
=> ๐ stack ยท Jan 13 at 00:33:
@argenkiwi: for me the big realization was that, as a game/service provider, I can very easily keep track of users via certificates, with full encryption and totally authenticated (put not necesserily identified).
With the web, I would have to generate a session key and make sure it is sent back and forth without being forged.
It's great for games, as authentic identities of users are not important, but I have a guarantee that if I see a certificate I've seen before, it's the same user.
=> ๐ธ HanzBrix ยท Jan 13 at 07:24:
We also need to keep in mind, at least when we are talking security wise, I have never actually heard of anyone who has gotten their cert/keys stolen.
It happens on servers, sure, but they are always online and running software that can have a myriad of vulnerabilities.
People forget that the access required to steal a cert/key, means you already have an attacker on your local system. At which point your cert/key is the least of your problems.
Is that's safe to use same identity certificate for different services? Usually, asymmetric encryption means I share data signed with own private key + remote public key. Don't remember where exactly but saw the recommendation to use different certs for different hosts in Geminispace. Maybe that's because of privacy reasons only..
=> ๐ฌ ps ยท 17 comments ยท Jan 12 ยท 7 days ago This content has been proxied by September (ba2dc).Proxy Information
text/gemini; charset=utf-8