
Parse certificate from lndconnect string and prompt user to install it on the OS level #335

Open
kaloudis opened this issue Aug 18, 2020 · 5 comments
Labels: Help wanted (Extra attention is needed)

Comments

@kaloudis
Contributor

No description provided.

ZeusLN added the "Help wanted" label Aug 18, 2020
@Kixunil

Kixunil commented Apr 7, 2021

Hmm, this is still an issue. Firstly there should be no prompt. If you have the correct lndconnect string, then there's 100% certainty that the other side is your server and the cert validator should trust it automatically.

Secondly, maybe we should revive the idea from Zap to use certificate fingerprint instead of whole certificate. This would greatly decrease the size of the QR code. Or even better use more optimized protocol as suggested here: BlockchainCommons/Gordian-Developer-Community#33

Finally, what exactly is needed for this to be moved forward?

@AndySchroder

I'd encourage you to do certificate verification inside Zeus and not with the OS.

I also agree that using a fingerprint is much shorter and should be good enough since SSL normally sends a copy of the certificate when you initially connect.

What is the approach that LNDHUB does for certificate verification? Do they require a signed certificate? If so, I think that's a bad idea and the fingerprint should be part of the URI.

@AndySchroder

Another advantage of doing certificate verification inside of Zeus and not within the OS: Any CA installed by the OS can maliciously generate a certificate for your domain. This is a major vulnerability. If we are manually installing or trusting a self-signed certificate, we know that we signed it ourselves, so CAs are useless to us. In that case, we'd actually prefer to ignore all CAs and ONLY allow our self-signed certificate to be used. I believe this is called "certificate pinning".
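The pinning approach argued for in the comments above (trust only the certificate carried in the lndconnect string, or its fingerprint, and ignore the OS trust store entirely) is shown here as an added example. This is not Zeus or lndconnect code; it is a Python sketch written for this thread. It assumes the lndconnect layout of `lndconnect://host:port?cert=<base64url DER>&macaroon=<base64url>`; the shorter `fingerprint=` query parameter is a hypothetical alternative, not part of the lndconnect spec, and the DER byte strings are constructed stand-ins rather than real certificates, since the pin check only hashes them.

```python
import base64
import hashlib
import hmac
from urllib.parse import urlsplit, parse_qs

# Constructed stand-in for the DER bytes of a self-signed node certificate.
# A real lndconnect string carries actual DER; the logic below only hashes it.
SELF_SIGNED_DER = b"\x30\x82\x01\x00CONSTRUCTED-SELF-SIGNED-CERT-FOR-DEMO"
# Constructed stand-in for a different certificate for the same host name,
# the kind any CA in the OS trust store could issue.
CA_ISSUED_DER = b"\x30\x82\x01\x00CONSTRUCTED-CA-ISSUED-CERT-FOR-DEMO"


def b64url_encode(raw: bytes) -> str:
    """Unpadded base64url, the encoding lndconnect uses for cert and macaroon."""
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; restores the padding before decoding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def fingerprint(der: bytes) -> str:
    """SHA-256 of the DER bytes as lowercase hex; this is the value a
    fingerprint-only URI would carry instead of the whole certificate."""
    return hashlib.sha256(der).hexdigest()


def parse_lndconnect(uri: str) -> dict:
    """Extract host, port and the pin to enforce from an lndconnect URI.
    Refuses URIs that carry neither a cert nor a fingerprint, so the app
    never silently falls back to OS-level (CA-based) trust."""
    parts = urlsplit(uri)
    if parts.scheme != "lndconnect":
        raise ValueError("not an lndconnect URI")
    query = parse_qs(parts.query)
    info = {"host": parts.hostname, "port": parts.port}
    if "cert" in query:
        info["pin"] = fingerprint(b64url_decode(query["cert"][0]))
    elif "fingerprint" in query:  # hypothetical parameter, not in the lndconnect spec
        info["pin"] = query["fingerprint"][0].lower()
    else:
        raise ValueError("no cert or fingerprint in URI; refusing to connect unpinned")
    if "macaroon" in query:
        info["macaroon"] = b64url_decode(query["macaroon"][0])
    return info


def verify_peer(presented_der: bytes, pin: str) -> bool:
    """Pinning check run against the certificate the server presents in the
    TLS handshake. The OS trust store plays no part: a CA-issued certificate
    for the same host name hashes differently and is rejected."""
    return hmac.compare_digest(fingerprint(presented_der), pin)


if __name__ == "__main__":
    cert_uri = ("lndconnect://node.example:10009?cert=" + b64url_encode(SELF_SIGNED_DER)
                + "&macaroon=" + b64url_encode(b"constructed-macaroon"))
    info = parse_lndconnect(cert_uri)
    print("pin from cert URI:", info["pin"])
    print("own self-signed cert accepted:", verify_peer(SELF_SIGNED_DER, info["pin"]))
    print("CA-issued cert for same host accepted:", verify_peer(CA_ISSUED_DER, info["pin"]))
    fp_uri = "lndconnect://node.example:10009?fingerprint=" + fingerprint(SELF_SIGNED_DER)
    print("fingerprint URI yields same pin:", parse_lndconnect(fp_uri)["pin"] == info["pin"])
```

In a real client the `verify_peer` check replaces the default TLS verification callback: the handshake is accepted only when the presented certificate's DER hashes to the pin, which is exactly the "ignore all CAs, allow only our own certificate" behaviour described above. With a real certificate (typically several hundred bytes of DER) the 64-hex-character fingerprint is much shorter than the base64url-encoded certificate, which is the QR-size saving mentioned earlier in the thread.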

@AndySchroder

Would like to add a bounty of 100,000 sat for fixing this issue by incorporating my comments above.

@Kixunil

Kixunil commented Aug 1, 2024

> Any CA installed by the OS can maliciously generate a certificate for your domain.

Exactly.
