[spec] Oustanding issues
stephane at sources.org
Wed Jan 6 08:25:59 GMT 2021
On Tue, Jan 05, 2021 at 03:17:00PM -0500,
Gary Johnson <lambdatronic at disroot.org> wrote
a message of 89 lines which said:
> 1. What are the valid/invalid/recommended values for CN, SAN, and
> expiration dates in certificates in the context of TOFU?
Also, regarding TOFU (probably the worst part of the current
specification), there are many other clarifications requested:
* should the client consider the whole certificate or just the public
key? The spec says the whole certificate but I don't see the point if
the rest of the certificate is not used.
* interactions between TOFU and valid certificates. For instance,
should a client disable TOFU when the certificate is valid?
* rewrite the sentence "the previous certificate's expiry date has not
passed" because you don't renew a certificate when it is expired, but
a few days/weeks before.
> 2. Client use of URL fragments (jump to heading, full text search, etc.)
There are actually two separate issues with fragments:
* Behavior during redirection
* Semantics for text/gemini
More information about the Gemini