Statement of intent regarding TLS server name identification (SNI)

William Casarin jb55 at jb55.com
Mon Nov 9 16:18:19 GMT 2020

Previous message (by thread): Statement of intent regarding TLS server name identification (SNI)
Next message (by thread): Statement of intent regarding TLS server name identification (SNI)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Omar Polo <op at omarpolo.com> writes:
> Drew DeVault <sir at cmpwn.com> writes:
>
>> Hiya! On behalf of the gmnisrv server software
>> (https://git.sr.ht/~sircmpwn/gmnisrv), I'm writing to inform client
>> authors that our intention is to *require* clients to enable server name
>> identification (SNI) when making TLS connections. We will drop
>> connections which do not provide SNI.
>>
>> It's pretty easy to add to your cilent, so please double check that
>> yours does it! My server, gemini://drewdevault.com, is running gmnisrv
>> with this requirement enabled if you want something to test against.
>
> This explain why I wasn't able to visit your server today, as it seems
> elpher doesn't do SNI.

The Gemini iOS app¹² I was using also doesn't load Drew's server. I get the
error message "The operation couldn't be completed. (OSStatus error -9806.)"

Perhaps this could be clarified in the spec?

Cheers,
Will

¹ https://testflight.apple.com/join/ln6yTtqK
² https://github.com/pitr/gemini-ios

-- 
https://jb55.com

Previous message (by thread): Statement of intent regarding TLS server name identification (SNI)
Next message (by thread): Statement of intent regarding TLS server name identification (SNI)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list