diff options
| author | Fuwn <[email protected]> | 2026-01-19 04:33:48 -0800 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2026-01-19 04:33:48 -0800 |
| commit | 369bc6700c20d7434bcfcb219f046932a9562494 (patch) | |
| tree | c11e19ee0027df1f7ea75a5ae8336f186a8ffbb5 | |
| parent | feat: Add Gemini protocol support (diff) | |
| download | kaze-369bc6700c20d7434bcfcb219f046932a9562494.tar.xz kaze-369bc6700c20d7434bcfcb219f046932a9562494.zip | |
docs: Add TOFU certificate tracking to future ideas
| -rw-r--r-- | ideas.md | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -60,6 +60,14 @@ - WebSocket monitoring - GraphQL endpoint monitoring +### Gemini Protocol Enhancements +- **TOFU (Trust On First Use)**: Implement certificate fingerprint tracking for Gemini monitors + - Store certificate fingerprint on first successful connection + - Alert if certificate changes (potential MITM or legitimate cert renewal) + - Option to accept new certificate and update stored fingerprint + - Common pattern in Gemini clients, reduces false positives from self-signed certs + - Particularly useful since self-signed certificates are the norm in Geminispace + ## 4. Configuration & Management ### Config Enhancements |