💾 Archived View for rawtext.club › ~sloum › geminilist › 001520.gmi captured on 2020-10-31 at 02:20:22. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2020-09-24)
-=-=-=-=-=-=-
solderpunk solderpunk at SDF.ORG
Wed Jun 10 22:16:37 BST 2020
- - - - - - - - - - - - - - - - - - -
On Tue, Jun 09, 2020 at 12:01:28AM -0400, Michael Lazar wrote:
I think hijacking the <META> is unnecessary for my application. I can accomplish
the same thing by sending a "30 TEMPORARY REDIRECT" to all unauthenticated
requests, and then hitting them with a 61 after they have been redirected to
the path scope. I concede that this wouldn't be *exactly* the same because the
client won't end up at the page that they originally requested. But it's
workable enough for me. And I like having the meta available for human readable
error messages.
Hmm...I think I like this. I mean, I'm never *super* excited whenredirects are involved, but this workflow would allow us to specthat the default scope of a cert is all paths below the URI fromwhich the 6x status was received (which lets client certs be muchnarrower in scope than cookies, which IMHO is a good selling point)and still allow human-readable <META> for 6x statuses to providehints about expected certificate lifespan.
Cheers,Solderpunk