A Gemini Protocol browser for Android-based OS. Forked from Ariane, licensed under GPLv3.
From the Gemini specification:
Use of TLS for Gemini transactions is mandatory. Use of the Server Name Indication (SNI) extension to TLS is also mandatory, to facilitate name-based virtual hosting.
Grande uses TLS but does not implement TOFU at all:
Clients can validate TLS connections however they like (including not at all) but the strongly RECOMMENDED approach is to implement a lightweight "TOFU" certificate-pinning system which treats self-signed certificates as first-class citizens
Although rarely seen on the web, TLS permits clients to identify themselves to servers using certificates
From the spec:
Looking at Kristall a client should offer full cert management, including import and export. Grande has NONE of this currently.
A key sentence in the spec:
Gemini requests will typically be made without a client certificate.
Client certs should only be required for protected content:
Gemini requests will typically be made without a client certificate. If a requested resource requires a client certificate and one is not included in a request, the server can respond with a status code of 60, 61 or 62 (see Appendix 1 below for a description of all status codes related to client certificates). A client certificate which is generated or loaded in response to such a status code has its scope bound to the same hostname as the request URL and to all paths below the path of the request URL path. E.g. if a request for gemini://example.com/foo returns status 60 and the user chooses to generate a new client certificate in response to this, that same certificate should be used for subsequent requests to gemini://example.com/foo, gemini://example.com/foo/bar/, gemini://example.com/foo/bar/baz, etc., until such time as the user decides to delete the certificate or to temporarily deactivate it. Interactive clients for human users are strongly recommended to make such actions easy and to generally give users full control over the use of client certificates.
From this it's clear that general requests should NOT use a client cert (to protect user identity if nothing else); if a server requests a client cert we should offer various configurations:
That's it as far as the spec is concerned; the rest is down to the Android API.
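As an added example (not Grande's or Ariane's code), here is the scope rule from the spec passage above in Python: a cert generated after a 60/61/62 response is bound to the request's host and path, is offered only for requests at or below that path, and can be temporarily deactivated. The class names and the default port of 1965 are my own assumptions.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

# Status codes that ask the client for a certificate (spec Appendix 1).
CLIENT_CERT_STATUSES = (60, 61, 62)


def _split(url):
    """Return (host, port, normalised path) for a gemini:// URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    port = parts.port or 1965            # assumed default Gemini port
    path = parts.path or "/"
    if len(path) > 1:                    # "/foo/" and "/foo" are the same scope root
        path = path.rstrip("/")
    return host, port, path


@dataclass
class CertScope:
    host: str
    port: int
    path: str
    active: bool = True   # user may deactivate instead of deleting

    def covers(self, url):
        host, port, path = _split(url)
        if (host, port) != (self.host, self.port):
            return False
        if self.path == "/":             # scope bound at the root covers the whole host
            return True
        # Same path, or strictly below it; the "/" stops /foo matching /foobar.
        return path == self.path or path.startswith(self.path + "/")


class ClientCertStore:
    def __init__(self):
        self.scopes = []

    def bind_from_response(self, url, status):
        """Called when a request got 60/61/62 and the user chose to generate a cert."""
        if status not in CLIENT_CERT_STATUSES:
            return None
        host, port, path = _split(url)
        scope = CertScope(host, port, path)
        self.scopes.append(scope)
        return scope

    def select(self, url):
        """Scope whose cert should accompany this request, or None (the usual case)."""
        for scope in self.scopes:
            if scope.active and scope.covers(url):
                return scope
        return None
```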
Not implemented yet.
Display a server's certificates with:
openssl s_client -showcerts -connect gus.guru:1965