~emersion/soju#83: 
Improve upstream CertFP setup

Some networks allow /msg NickServ cert add (without a fingerprint) to whitelist the current client cert. Maybe we could:

  • Generate a certificate on /msg BouncerServ certfp generate, but still stick to password-based auth
  • Ask the user to re-connect to the upstream (this uses the client cert but also provides the password)
  • Listen for /msg NickServ cert add and switch to pure certificate-based auth

Maybe a little fragile.

Status
REPORTED
Submitter
~emersion
Assigned to
No-one
Submitted
3 months ago
Updated
3 months ago
Labels
enhancement service upstream