< Is gemini a read-only protocol?
I agree that I should be able to use midnight.pub with all features from gemini. My concern was with CSRF (Cross-Site Request Forgery), not encoding. In the web this is a solved problem by using hidden form inputs, but we have no such thing in gemini. Although you could do it by generating dynamic URLs with a random code that gets verified by the server... I would need to think about it :D
Also, beware that SENSITIVE INPUT is only a cosmetic feature: your input still travels in the URL. The only distinction is that clients should not print on the screen the input as you type it, to prevent "shoulder surfers".
Replies
Ohhhh I see. I haven't dug in to all the details yet, in that case yeah not sure how to login other than maybe a 6 digit one time password somehow? and that gets messy. I hope to implement a client in a month or two once I finish a few things and so I'll need to learn at least the basics.
Maybe a signature for the text based on a public key setup previously over a browser? That does sound close to another protocol though so maybe it's right that it shouldn't be in gemini at all?
Now I'm even more ambivalent than I was! ahaha. I'm going to have to think about it.
cheers