💾 Archived View for rawtext.club › ~sloum › geminilist › 000843.gmi captured on 2020-09-24 at 02:17:47. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Sean Conner sean at conman.org
Tue May 19 03:21:38 BST 2020
- - - - - - - - - - - - - - - - - - -
It was thus said that the Great kaoD once stated:
Glad to hear about SNI being in the radar. It's a must for virtual hosting.
Yup. At least two servers that I am aware of implement it, GLV-1.12556 (Iwrote this one) and gemserv.
Any thoughts about SNI interaction with the current "host in request URL is
like Host header" in the spec?
It's how GLV-1.12556 determines what set of content handlers to lookthrough when serving up a request. The public server I have doesn't servemultiple hosts, but the code running it can.
Since SNI does the virtual hosting part (and
better) it would only be useful for proxying other hosts AFAICT.
Is proxying allowed currently in any server?
I saw something about gemserv supporting proxying, but I don't know thedetails of how it works.
As for proxy support in GLV-1.12556 (the only server I can speakauthoritatively about), it would be easy to write a handler to support aproxy like:
gemini://gemini.conman.org/proxy/mozz.us/journal/2020-05-06.gmi
But if by "proxy" you mean you connect to gemini.conman.org and expect therequest itself to be proxied:
gemini://mozz.us/journal/2020-05-06.gmi
that ... could be done, but it would require two things---1) your clientwould have to know to use the gemini.conman.org certificate to connect to myserver and 2) my server would have to know to proxy this domain (andsupporting that type of proxy in GLV-1.12556 would require somethought---the server isn't set up for that type of thing [1]).
Is it even desirable in the
protocol? Or is it just an idea that ossified in the spec without real
world use? (Genuine questions! I don't see the use but in sure it's been
discussed and I'm just late to the party.)
When the suggestion to use the URL as the request (which would give usmultidomain support with a server), solderpunk also saw a proxy being easyto implement without thinking about the implications.
Most servers (all I've tried, circumlunar.space included) fail to handle
host-less requests (out of spec) and deny proxying other hosts.
And I'm pretty sure clients are adapting to this behavior. I'm afraid this
will end up being the de facto standard even with SNI making it obsolete.
Huh? I don't understand the concern here.
-spc[1] Nor does it support multiple domains with a single certificate/key pair. Right now, each server requires its own certificate/key file.