s/Gemini
Grouped Posts
Expiration of self-signed certificates Does it make sense to use Not After on self-signed gemini server and client certificates, so that they expire after some time? I long ago came to the conclusion that it doesn't make sense, but it still seems to be standard practice, so I'm worried that I may have missed something. Have I? Certainly you shouldn't expect a self-signed certificate to be usable forever -- the private key might be compromised one day, and anyway the underlying encryption will
💬 4 comments · 2023-05-27 · 3 years ago
hobby coder here with a question. When implementing client authentication, do we just store the tls client hash? If so how is this not able to be spoofed? I'm guessing there is some public key authentication going on in the background. looking at the spec and some searches only helped a little.
💬 4 comments · 2023-05-27 · 3 years ago · #certificates #client_certificates #programming