💾 Archived View for rawtext.club › ~sloum › geminilist › 001529.gmi captured on 2020-10-31 at 02:20:48. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2020-09-24)

-=-=-=-=-=-=-

<-- back to the mailing list

CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)

Michael Lazar lazar.michael22 at gmail.com

Wed Jun 10 23:58:38 BST 2020

- - - - - - - - - - - - - - - - - - - 

On Wed, Jun 10, 2020 at 4:50 PM solderpunk <solderpunk at sdf.org> wrote:

On Tue, Jun 09, 2020 at 11:53:19PM -0400, Michael Lazar wrote:
TLS_CLIENT_HASH
I'm using a base64-encoded representation of the hash. I like your notation of
SHA256:<HEX> better, but it's too late now and I don't want to break backwards
compatibility.
I am extremely interested in having a well-defined notion of
"certificate fingerprints" in Geminispace, not just for CGI apps but in
server configs too (Molly Brown will soon support being able to
configure lists of authorised certs for accessing certain directories).
It's a shame it's too late for you to make changes now, but for the sake
of all future implementations we should agree on something.

Ok I'll walk that back. It's too late to make changes *unless* there's a goodreason to do so. I don't want to break CGI variables on a whim anymore, but ifwe all agree on a standard then I will follow suit.