From 85cfdb99ce60296fbe1872926bf3844591ca4f26 Mon Sep 17 00:00:00 2001 From: Case Duckworth Date: Mon, 8 Jun 2020 10:11:53 -0500 Subject: Notes for TOFU --- wip/TOFU.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 wip/TOFU.txt diff --git a/wip/TOFU.txt b/wip/TOFU.txt new file mode 100644 index 0000000..3189adb --- /dev/null +++ b/wip/TOFU.txt @@ -0,0 +1,5 @@ +TOFU + It's basically what Bombadillo does. I store the hash of the raw cert, as well as its expiry date. Then for every request, I pass the cert to a function that tries to load the TOFU entry from storage. If it doesn't exist, then the current cert is saved. If the fingerprints match, everything's good. If they don't match, but the expiry date has passed, then the new cert is saved over top of the old one. Otherwise, something malicious has happened + https://pastebin.com/xMsdE5D0 + acdw: That's the overview, and the text of my high level function that handles it + It really wasn't that bad to do -- cgit 1.4.1-21-gabe81