Multi-perspective certificate validation demo
I wrote a tiny demo of multi-perspective certificate validation, using Tor to check a host's certificate from an additional vantage point:
Specifically, I added [this code] to Solderpunk's 100-line Gemini client written in Python, enabling it to validate self-signed certificates. It should be enough to spot most MITM attacks. See the README for details.
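The check described above, written out as an added example (not the linked code or Solderpunk's client): fetch the leaf certificate's SHA-256 fingerprint directly and again through a local Tor SOCKS5 port, then compare. The Tor SocksPort `127.0.0.1:9050`, the Gemini port 1965 and all function names are assumptions.

```python
import hashlib
import socket
import ssl
import struct

def build_socks5_connect(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT request using the domain-name address type, so the
    hostname is resolved on the Tor side rather than by our local resolver."""
    hb = host.encode("idna")
    return b"\x05\x01\x00\x03" + bytes([len(hb)]) + hb + struct.pack("!H", port)

def socks5_connect(proxy_host, proxy_port, host, port, timeout=30):
    """Open a TCP connection to host:port through a SOCKS5 proxy (e.g. Tor)."""
    s = socket.create_connection((proxy_host, proxy_port), timeout)
    s.sendall(b"\x05\x01\x00")                 # version 5, one method: no auth
    if s.recv(2) != b"\x05\x00":
        raise OSError("SOCKS5 proxy rejected the no-auth handshake")
    s.sendall(build_socks5_connect(host, port))
    reply = s.recv(4)
    if len(reply) < 4 or reply[1] != 0:
        raise OSError(f"SOCKS5 CONNECT failed: {reply!r}")
    if reply[3] == 1:    s.recv(4 + 2)         # drain bound IPv4 addr + port
    elif reply[3] == 3:  s.recv(s.recv(1)[0] + 2)
    elif reply[3] == 4:  s.recv(16 + 2)
    return s

def leaf_fingerprint(host, port=1965, proxy=None):
    """SHA-256 over the DER leaf cert the server presents on this path.
    Verification is disabled on purpose: Gemini capsules are self-signed, and
    the trust decision is made by comparing perspectives, not by a CA."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    raw = (socks5_connect(proxy[0], proxy[1], host, port) if proxy
           else socket.create_connection((host, port), 30))
    with ctx.wrap_socket(raw, server_hostname=host) as tls:
        return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()

def perspectives_agree(fingerprints) -> bool:
    """True iff every vantage point saw the same leaf certificate. A mismatch
    means at least one path is being intercepted (or the cert is mid-rotation);
    an attacker sitting next to the server can still fool every path."""
    return len(set(fingerprints)) == 1

def check(host, port=1965, tor=("127.0.0.1", 9050)):
    direct = leaf_fingerprint(host, port)
    via_tor = leaf_fingerprint(host, port, proxy=tor)
    return perspectives_agree([direct, via_tor]), direct, via_tor
```

A client would combine this with its TOFU cache: accept a never-seen host only when both perspectives agree, and treat a changed fingerprint that also disagrees between paths as a likely interception rather than a routine key rotation.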
Multi-perspective validation complements TOFU (trust on first use) nicely. We can keep relying on self-signed certs *and* have decent MITM protection without requiring capsule admins to do anything differently. It is fundamentally what CAs do, after all: