[spec] Client certificate scopes

Adnan Maolood me at adnano.co
Sat Mar 6 17:34:31 GMT 2021


Currently, the Gemini specification requires client certificates be
limited to the URL hostname and path for which they were requested. My
Gemini client automatically generates certificates for the user, and
this requirement makes it much more complicated to store and load
certificates. For simplicity's sake, I propose that client certificates
only be limited to the hostname for which they were requested.


More information about the Gemini mailing list