author: @sprock
I have rewritten my capsule's server. Please email me if you notice any problems.
I don't think I've mentioned it anywhere since it basically duplicates information available on the capsule's root page, but I added a security.txt file to my capsule a few months back, as described in:
=> Why you should add security.txt to your capsule
=> The file can be found here.
I have tentatively set LetsEncrypt to reuse the key when renewing from now on, which may help some TOFU-only clients. I am still reluctant to fully commit to TOFU, but I understand that is the most common client behaviour. Maybe it would be worth working out and showing how to implement a simple, automatic CA-fallback when there is a new certificate that is not trusted.
text/geminiThis content has been proxied by September (3851b).