nervuri nervuri at disroot.org
Tue Nov 9 08:17:33 GMT 2021
- - - - - - - - - - - - - - - - - - -
On Mon, 2021-11-08, mbays wrote:
Another one I think is particularly important for Gemini:
TLS 1.2 sends client certificates in the clear, while with 1.3 they are
encrypted.
This is the most important one, I think. Sending client certificates inthe clear can be really bad for privacy, especially as they may containyour e-mail address, username and/or other sensitive information.
Even if the spec doesn't end up mandating 1.3, it might be worth
requiring it for servers which make use of client certificates.
Yep. Discussed here:
https://gitlab.com/gemini-specification/protocol/-/issues/12