New Dillo plugin

Charles E. Lehner cel at celehner.com
Sat Jun 27 00:47:50 BST 2020


Hi Philip,

Nice work. I like the certificate pinning feature.

The other plugin (dillo-gemini) works with the current protocol, except for client certificates or any server certificate management. Maybe you were missing a dependency. I added a link to yours in its readme.

Regards,
Charles L.

On Fri, 26 Jun 2020 23:32:08 +0200
Philip Linde <linde.philip at gmail.com> wrote:

> Hi all,
> 
> I tried the existing Dillo plugin but couldn't get it to work.
> Perhaps it got the job done at some iteration of the protocol.
> I've written my own according to the current spec for anyone
> interested:
> 
> https://github.com/boomlinde/gemini.filter.dpi
> 
> I've decided that in my client you explicitly have to pin invalid
> certificates and certificates with unknown authorities. On the first
> request to a site with a self-signed or invalid certificate, an error
> description will be displayed and you'll be given the option to pin it
> and continue anyway. After the certificate is pinned, you won't get a
> warning again until it changes.
> 
> The certificate pins are stored in $HOME/.dillo/gemini/pinned as
> base64 encoded sha1 sums of the entire certificate chain used.
> 
> For now it doesn't understand client certificate status codes and will
> show them as it does errors (simply outputting the header in plain
> text). It will display an error on any encoding except utf-8 and
> us-ascii.
> 
> Input works fine!
> 
> The project has also yielded two interesting libraries:
> 
> https://github.com/boomlinde/gemini is a protocol implementation, for
> now only a client, in Go. The client library makes it easy to set up a
> pin database and verifies connections by default.
> 
> https://github.com/boomlinde/dpi implements a Dillo plugin server, in
> Go. It can be used to build both filter and server plugins.
> 
> Neither of these libraries are really versioned yet. I want to
> dog-food the plugin for a while to weed any issues out before I will
> say that the APIs are stable.
> 
> I hope someone else finds some use for this!
> 
> --
> Philip
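
The pinning check described in the quoted announcement, as an added Go example (not code from gemini.filter.dpi or from either poster). It shows that a pin taken over the whole chain changes when any certificate in it is replaced, not only the leaf. Assumptions: the sum is SHA-1 over the chain's DER bytes concatenated leaf first, the pin file holds `host pin` lines, and `ChainPin`, `ParsePins` and `Check` are hypothetical names.

```go
package main

import (
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"strings"
)

// ChainPin returns the base64 SHA-1 sum of all certificates (assumed: DER, leaf first).
func ChainPin(chain [][]byte) string {
	h := sha1.New()
	for _, der := range chain {
		h.Write(der)
	}
	return base64.StdEncoding.EncodeToString(h.Sum(nil))
}

// ParsePins reads "host pin" lines. This layout is an assumption; the post
// only says the file holds base64 SHA-1 sums of the chain.
func ParsePins(text string) map[string]string {
	pins := map[string]string{}
	for _, line := range strings.Split(text, "\n") {
		if f := strings.Fields(line); len(f) == 2 {
			pins[f[0]] = f[1]
		}
	}
	return pins
}

// Check compares the presented chain with the stored pin for host.
func Check(pins map[string]string, host string, chain [][]byte) string {
	pin, ok := pins[host]
	switch {
	case !ok:
		return "unpinned" // first visit: show the error, offer to pin
	case pin != ChainPin(chain):
		return "changed" // chain differs from the pin: warn again
	}
	return "pinned" // same chain as pinned: continue without a warning
}

func main() {
	// Constructed stand-ins for DER certificates, not real ones.
	chain := [][]byte{[]byte("leaf-cert"), []byte("issuer-cert")}
	pins := ParsePins("example.org " + ChainPin(chain) + "\n")
	swapped := [][]byte{[]byte("leaf-cert"), []byte("other-issuer")}
	fmt.Println(Check(pins, "example.org", chain), Check(pins, "example.org", swapped))
}
```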
