💾 Archived View for gemi.dev › gemini-mailing-list › 000419.gmi captured on 2023-11-04 at 12:47:57. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
"Use of the Server Name Indication (SNI) extension to TLS is also mandatory, to facilitate name-based virtual hosting." Should I be refusing client requests that don't have SNI? If so, with code 59?
This is a great question, hmm. I think you probably should, but I wonder what the status of clients are, if most are doing it. My clients (gemget, amfora) are all in Go, which doesn't seem to have an option to set SNI myself? I think it does it automatically. I would love to have Solderpunk's input on this, but I would wait until many clients are tested before you start refusing requests. Definitely this should be added to the existing client torture tests. Cheers, makeworld
It was thus said that the Great colecmac at protonmail.com once stated: > > I would love to have Solderpunk's input on this, but I would wait > until many clients are tested before you start refusing requests. > Definitely this should be added to the existing client torture tests. I'll have to see if the TLS library I use has a way to check SNI---it's not something I've had to deal with explicitly. -spc
My Gemini server requires SNI.
??????? Original Message ??????? On Friday, October 30, 2020 6:26 PM, Drew DeVault <sir at cmpwn.com> wrote: > My Gemini server requires SNI. Well, there's the test! My client connected with gemini://drewdevault.com sucessfully, so looks SNI works. :) makeworld
---