💾 Archived View for gemi.dev › gemini-mailing-list › 000514.gmi captured on 2023-11-04 at 12:53:31. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

Gemini over i2p or tor

Solene Rapenne <solene (a) perso.pw>

Hello,

I'm new to gemini and I was looking to host my gemini server behind
i2p (or as a Tor hidden service, that would work the same).

I wrote a server that doesn't do TLS but uses a relayd daemon in
front of it to take care of TLS the right way.

I've read that TLS is mandatory, the only configuration I can imagine
for gemini over i2p/tor would be to expose my relayd over these
networks, but then the TLS hostname won't match the hostname in the
URI. I'm not even sure this would work for all clients.

Is there a solution for this or am I supposed to accept non-matching
certificates for this use case?

Regards
Solène


A. E. Spencer-Reed <easrng (a) gmail.com>

>
> but then the TLS hostname won't match the hostname in the URI
>
Gemini uses TOFU (Trust on First Use) with self-signed certs for TLS, so
you can make a TLS cert for your onion/i2p name.


-- 
? <https://www.google.com/teapot>
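
A minimal sketch of the TOFU check described in the reply above, added here as an example and not part of the original thread: the client pins the SHA-256 fingerprint of the first certificate it sees for the host in the URI, so a self-signed certificate made for an onion/i2p name is handled like any other. The class and function names, the sample hostnames and the stand-in certificate bytes are assumptions; port 1965 is Gemini's default.

```python
import hashlib
import socket
import ssl

def fetch_der(host, port=1965, timeout=10):
    """Return the server's leaf certificate (DER) without CA validation.

    CA checks are disabled on purpose: under TOFU the pin comparison below
    is the only trust decision. Direct TCP only; proxying through Tor or
    i2p is outside this sketch.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def fingerprint(der):
    """SHA-256 over the DER encoding, as a hex string."""
    return hashlib.sha256(der).hexdigest()

class TofuStore:
    """In-memory pin store keyed by the (host, port) taken from the URI."""
    def __init__(self):
        self.pins = {}

    def check(self, host, port, der):
        key = (host.lower().rstrip("."), port)
        seen = fingerprint(der)
        pinned = self.pins.get(key)
        if pinned is None:
            self.pins[key] = seen       # first use: remember, then trust
            return "first-use"
        return "match" if pinned == seen else "mismatch"

# Constructed stand-ins for DER certificate bytes (not real certificates).
CERT_A = b"constructed-der-bytes-A"
CERT_B = b"constructed-der-bytes-B"

def demo():
    store = TofuStore()
    onion = "exampleexampleexample.onion"   # hypothetical hidden-service name
    return [
        store.check(onion, 1965, CERT_A),           # nothing pinned yet
        store.check(onion, 1965, CERT_A),           # same certificate again
        store.check(onion, 1965, CERT_B),           # certificate changed
        store.check("example.org", 1965, CERT_A),   # separate pin per name
    ]
```

A "mismatch" result is the point where a client should stop and ask the user, since the pin is the only thing standing in for CA validation.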

