-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: tlsa action: summary revision: path_from: revision_from: : path_to: revision_to:
Display summary about given repository. This is the default command if no action is specified in URL, and only repository is specified.
TODO: [ ] load the TOFU certs [ ] remove a lot of stuff? [ ] figure out how to get all the needed checks and fallbacks while only making one connection to the server. what to do if: \ DNSSEC | TLSA\ good | bad | gone -----+-------------+--------- good | a | b | c -----|------+------+-------- bad | d | e | f -----|------+------+-------- gone | g | h | i DNSSEC | TLSA | a: good | good | best situation. connect happily. b: bad | good | but TLSA is good... reject. c: gone | good | TLSA is present and good. maybe accept but warn? d: good | bad | TLSA is bad. reject. e: bad | bad | obviously reject. f: gone | bad | reject. g: good | gone | accept but warn? h: bad | gone | reject. i: gone | gone | accept because most servers are this way. so, it looks like...: if DNSSEC == good and TLSA == good: accept else if DNSSEC == bad or TLSA == bad: reject else: warn, but accept
-- Response ended
-- Page fetched on Tue May 7 10:31:39 2024