πΎ Archived View for gemi.dev βΊ gemini-mailing-list βΊ 001063.gmi captured on 2023-11-04 at 13:18:09. Gemini links have been rewritten to link to archived content
β‘οΈ Next capture (2023-12-28)
-=-=-=-=-=-=-
All, Hello! :-) It's been a while, but someone referenced something I said and... that's awesome!! :-D I wanted to share references to my response (however short it is for now) with the mailing list, to support further discussion in Gemlogs. I still haven't found a Gemini-worthy 'cross-link' solution that I like... so... this list is it. :shrug: One of the things I said: https://lists.orbitalfox.eu/archives/gemini/2021/005353.html The reference to it: gemini://skyjake.fi/gemlog/2021-11_re-making-gemini-easy.gmi https://gem.ondollo.com/external/skyjake.fi/gemlog/2021-11_re-making-gemini-easy.gmi My limited response: gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem Thanks for remembering me skyjake! :-) -Mansfield
Hi, On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote: > My limited response: > gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem There's a problem with the certificate at ondollo.com so your link doesn't work. Botond
On Tue, Nov 9, 2021 at 2:16 AM Bal?zs Botond <balazsbotond at gmail.com> wrote: > Hi, > > On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote: > > My limited response: > > gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem > > There's a problem with the certificate at ondollo.com so your link > doesn't work. > > Botond > Oh... interesting... the classic "works for me"... well, here's the cert from the Mozz proxies perspective: https://portal.mozz.us/gemini/ondollo.com?crt=1 I wonder what's wrong with it? Mozz doesn't load the site either... I guess I gave a poor link as well... the spaces weren't encoded. Does this link work for you? gemini:// ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem
On Tue, Nov 9, 2021 at 6:46 PM Mansfield <mansfield at ondollo.com> wrote: > On Tue, Nov 9, 2021 at 2:16 AM Bal?zs Botond <balazsbotond at gmail.com> > wrote: > >> Hi, >> >> On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote: >> > My limited response: >> > gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem >> >> There's a problem with the certificate at ondollo.com so your link >> doesn't work. >> >> Botond >> > > Oh... interesting... the classic "works for me"... well, here's the cert > from the Mozz proxies perspective: > > https://portal.mozz.us/gemini/ondollo.com?crt=1 > > I wonder what's wrong with it? Mozz doesn't load the site either... > > I guess I gave a poor link as well... the spaces weren't encoded. Does > this link work for you? gemini:// > ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem > > > I tweaked the server to accept connections that don't provide a cert - seems to have turned the Mozz close_notify red x to a green checkmark. Maybe now things will work better for you (and others with similar clients, no doubt). Many thanks for letting me know that that was broken!
According to Lagrange, the problem appears to be a domain name mismatch. It also says it isn't trusted, but I expect that that's because of the previous problem. On 10/11/2021 08:25, Mansfield wrote: > On Tue, Nov 9, 2021 at 6:46 PM Mansfield <mansfield at ondollo.com > <mailto:mansfield at ondollo.com>> wrote: > > On Tue, Nov 9, 2021 at 2:16 AM Bal?zs Botond <balazsbotond at gmail.com > <mailto:balazsbotond at gmail.com>> wrote: > > Hi, > > On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com > <mailto:mansfield at ondollo.com>> wrote: > > My limited response: > >? ? gemini://ondollo.com/~/mansfield/A > <http://ondollo.com/~/mansfield/A> Writeable Gemini.gem > > There's a problem with the certificate at ondollo.com > <http://ondollo.com> so your link doesn't work. > > Botond > > > Oh... interesting... the classic "works for me"... well, here's the > cert from the Mozz proxies perspective: > > https://portal.mozz.us/gemini/ondollo.com?crt=1 > <https://portal.mozz.us/gemini/ondollo.com?crt=1> > > I wonder what's wrong with it? Mozz doesn't load the site either... > > I guess I gave a poor link as well... the spaces weren't encoded. > Does this link work for > you??gemini://ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem > <http://ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem> > > > > I tweaked the server to accept connections that don't provide a cert - > seems to have turned the Mozz close_notify red x to a green checkmark. > > Maybe now things will work better for you (and others with similar > clients, no doubt). > > Many thanks for letting me know that that was broken! -- ------------------------- Gemini capsule: babiak.duckdns.org
Hello,
Mansfield <mansfield at ondollo.com> writes: > On Tue, Nov 9, 2021 at 6:46 PM Mansfield <mansfield at ondollo.com> wrote: > > On Tue, Nov 9, 2021 at 2:16 AM Bal?zs Botond <balazsbotond at gmail.com> wrote: > > Hi, > > On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote: > > My limited response: > > gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem > > There's a problem with the certificate at ondollo.com so your link doesn't work. > > Botond > > Oh... interesting... the classic "works for me"... well, here's the cert from the Mozz proxies perspective: > > https://portal.mozz.us/gemini/ondollo.com?crt=1 > > I wonder what's wrong with it? Mozz doesn't load the site either... > > I guess I gave a poor link as well... the spaces weren't encoded. Does this link work for you? > gemini://ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem > > I tweaked the server to accept connections that don't provide a cert - seems to have turned the Mozz close_notify red x to a green > checkmark. > > Maybe now things will work better for you (and others with similar clients, no doubt). > > Many thanks for letting me know that that was broken! It's still broken unfortunately. While it's true that the certificate doesn't include the domain name: % printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -c ondollo.com 1965 nc: tls handshake failed (name `ondollo.com' not present in server certificate) even if I throw a -noname at it (which disables the certificate name checking) the reply is still empty :/ % printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -Tnoname -c ondollo.com 1965 % echo $? 0
On Wed, Nov 10, 2021 at 4:19 AM Omar Polo <op at omarpolo.com> wrote: > > Mansfield <mansfield at ondollo.com> writes: > > > On Tue, Nov 9, 2021 at 6:46 PM Mansfield <mansfield at ondollo.com> wrote: > > > > On Tue, Nov 9, 2021 at 2:16 AM Bal?zs Botond <balazsbotond at gmail.com> > wrote: > > > > Hi, > > > > On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote: > > > My limited response: > > > gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem > > > > There's a problem with the certificate at ondollo.com so your link > doesn't work. > > > > Botond > > > > Oh... interesting... the classic "works for me"... well, here's the > cert from the Mozz proxies perspective: > > > > https://portal.mozz.us/gemini/ondollo.com?crt=1 > > > > I wonder what's wrong with it? Mozz doesn't load the site either... > > > > I guess I gave a poor link as well... the spaces weren't encoded. Does > this link work for you? > > gemini://ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem > > > > I tweaked the server to accept connections that don't provide a cert - > seems to have turned the Mozz close_notify red x to a green > > checkmark. > > > > Maybe now things will work better for you (and others with similar > clients, no doubt). > > > > Many thanks for letting me know that that was broken! > > It's still broken unfortunately. While it's true that the certificate > doesn't include the domain name: > > % printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -c ondollo.com 1965 > nc: tls handshake failed (name `ondollo.com' not present in server > certificate) > > even if I throw a -noname at it (which disables the certificate name > checking) the reply is still empty :/ > > % printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -Tnoname -c > ondollo.com 1965 > % echo $? > 0 > > Well, thanks for all the responses - turns out I had a few bits that needed adjusting beyond the common_name one. For anyone else caught in a tls debug process and wanting an easy way to test their server, I ended up using a command like this: ``` echo -e "/\r\n" | openssl s_client -crlf -connect domain.tld:1965 -ign_eof ``` That command alone won't get you all the way there, but it could help. It also helps that Gemini clients tend to not be complicated to get going with. Hopefully everything is accessible now!
On Thu, Nov 11, 2021 at 7:53 AM Mansfield <mansfield at ondollo.com> wrote: > > Hopefully everything is accessible now! Can confirm. Btw, what was the motivation to limit input length to 1024 bytes in the first place? I can't find anything about it in either the FAQ or the specification.
On 11. Nov 21, at 9.17, Bal?zs Botond <balazsbotond at gmail.com> wrote: > > Btw, what was the motivation to limit input length to 1024 bytes in > the first place? I can't find anything about it in either the FAQ or > the specification. Here's a relevant post from the archives where Solderpunk comments on the limit: https://lists.orbitalfox.eu/archives/gemini/2020/001672.html IMO, uploading content via URL query strings is not a great idea because you must percent-encode all of it, and that can increase the size quite a bit. Better to use alternate methods to upload a "raw" octet stream. --jaakko
skyjake <skyjake at dengine.net> writes: > On 11. Nov 21, at 9.17, Bal?zs Botond <balazsbotond at gmail.com> wrote: >> >> Btw, what was the motivation to limit input length to 1024 bytes in >> the first place? I can't find anything about it in either the FAQ or >> the specification. > > Here's a relevant post from the archives where Solderpunk comments on the limit: https://lists.orbitalfox.eu/archives/gemini/2020/001672.html > An interesting thread to read, ta! > IMO, uploading content via URL query strings is not a great idea > because you must percent-encode all of it, and that can increase the > size quite a bit. Better to use alternate methods to upload a "raw" > octet stream. I must admit having not touched octet streams before (whether raw or well-cooked), what am I missing out on? Does anybody have pointers/suggestions? I noticed a nice downstream post from Sean Conner, concerning his experience publishing via emails to his server => https://lists.orbitalfox.eu/archives/gemini/2020/001722.html 2020-06-16 gemini+submit:// (was Re: Uploading Gemini content) I get this approach a little more readily. Im wondering whether a public-inbox type approach would be interesting: => https://public-inbox.org/ Equally so, given its symbiosis with Grokmirror => https://github.com/mricon/grokmirror > > --jaakko Jonathan
On Thu, Nov 11, 2021 at 03:50:47PM +0200, skyjake wrote: > On 11. Nov 21, at 9.17, Bal?zs Botond <balazsbotond at gmail.com> wrote: > > > > Btw, what was the motivation to limit input length to 1024 bytes in > > the first place? I can't find anything about it in either the FAQ or > > the specification. > > Here's a relevant post from the archives where Solderpunk comments on the limit: https://lists.orbitalfox.eu/archives/gemini/2020/001672.html > > IMO, uploading content via URL query strings is not a great idea because you must percent-encode all of it, and that can increase the size quite a bit. Better to use alternate methods to upload a "raw" octet stream. > > --jaakko An IPFS hash is guaranteed to be under 1024 characters so treat that as passing a pointer rather than passing by value for uploads. This doesn't work for private data, but if you need secure uploads of private files you probably want a system that's not Gemini anyways.
---