[spec] Client certificate scopes

Omar Polo op at omarpolo.com
Sun Mar 7 16:25:08 GMT 2021

Previous message (by thread): [spec] Client certificate scopes
Next message (by thread): [users] New capsule - gemini://capsule.adrianhesketh.com
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adnan Maolood <me at adnano.co> writes:

> On Sun Mar 7, 2021 at 3:20 AM EST, Omar Polo wrote:
>> Wouldn't this cause problems with multi-user capsules? e.g. as a user,
>> if I used a certificate for gemini://example.com/~user1/cgi/foo I may
>> don't want that same certificate to be sent to
>> gemini://example.com/~user2/cgi/bar.
>
> Multi-user capsules would still work. The server would recognize which
> user you are by your certificate.

No.  The server will execute the CGI scrips happily passing any
certificates you provide.  In multi-user capsules, ex.com/~user1 and
ex.com/~user2 are like completely different hosts in this regard.

> Instead of limiting the certificate to certain paths, clients should
> allow the user to create multiple certificates per host and switch
> between them easily.

Previous message (by thread): [spec] Client certificate scopes
Next message (by thread): [users] New capsule - gemini://capsule.adrianhesketh.com
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list