[spec] Client certificate scopes

Omar Polo op at omarpolo.com
Sun Mar 7 16:25:08 GMT 2021

Adnan Maolood <me at adnano.co> writes:

> On Sun Mar 7, 2021 at 3:20 AM EST, Omar Polo wrote:
>> Wouldn't this cause problems with multi-user capsules? e.g. as a user,
>> if I used a certificate for gemini://example.com/~user1/cgi/foo I may
>> don't want that same certificate to be sent to
>> gemini://example.com/~user2/cgi/bar.
> Multi-user capsules would still work. The server would recognize which
> user you are by your certificate.

No.  The server will execute the CGI scrips happily passing any
certificates you provide.  In multi-user capsules, ex.com/~user1 and
ex.com/~user2 are like completely different hosts in this regard.

> Instead of limiting the certificate to certain paths, clients should
> allow the user to create multiple certificates per host and switch
> between them easily.

More information about the Gemini mailing list