• Gemini capsules: now properly verified!

    From Gabx@mail2news@virebent.invalid to comp.infosystems.gemini,alt.cypherpunks,alt.privacy.anon-server on Fri Jun 26 17:31:42 2026
    From Newsgroup: alt.privacy.anon-server

    -----BEGIN YUBISIGNER SIGNED MESSAGE-----
    Hash: SHA256

    Moved servers,
    and every Gemini capsule started screaming "untrusted server."

    Why: my old server (agate) only does self-signed TOFU certs, no CA chain and clients had the old fingerprints pinned, so they rejected the new ones too.

    Fix: patched gmnisrv to send a full Let's Encrypt chain, forced TLS 1.3, and fixed a crash where a big chain overflowed the handshake buffer (a free DoS on a public port). Renewals auto-reload now.

    Patched fork: https://git.virebent.art/virebent/gmnisrv

    Live, CA-verified, TLS 1.3:

    - gemini://contact.virebent.art
    - gemini://virebent.art
    - gemini://archives.virebent.art
    - gemini://n5ry24fweklbn562o7fnyefanygtwxlgi7aevn26huuxqlsftxy5ljqd.onion (self-signed rCo

    If your client grumbles once about a changed cert, accept it. That's TOFU.

    Best regards and have fun !
    --
    Gabx

    Author: Gab Virebent
    Signed at: 2026-06-26 17:31:21 +0000
    Filename: m2n-msg.Nq8GsT
    File size: 814 bytes
    Email: gabriel1@virebent.art
    Telefax: n/a
    URL: https://contact.virebent.art
    Comment: Posted via NeoMutt mail2news
    RIPEMD-256: 0b4274e72ed70206fd2394b1fb3fed0c280eae0c80a63ec5b54a89c9b611400b
    SHA-256: 39e5793105f9cfb125054c7a249f4d6dbb78176d5ef8bee08c1422605ecd9ff9
    SM3: 22bb704103885b9b7db78ed4be33e23b71568dd1a6ade1df62c63d56a2bc476b Streebog-256: 5dcfdabde2f4af06183c2162626563ceb0d0be6487721556ca8b29a538236221 -----BEGIN YUBISIGNER ED25519 SIGNATURE----- 016a3022f054b794469ed0178235afd551ac9537e5c4a787ceaec8ce6bc29a8a b092672f03ec7151186ca189f4908e53e0436b84a776d94ce82219f536540da8 483f2dcf81699ceddc9fac6d50f156fb07763a25363ee62d56f45e26dfbd0a0c
    -----END YUBISIGNER ED25519 SIGNATURE-----


    --- Synchronet 3.22a-Linux NewsLink 1.2