Tree
- Tree:
3ef25d39266c92a62ece902799cc23b76812e0d0
- Date:
- Message:
- add a privsep crypto engine Incorporate the OpenSMTPD' privsep crypto engine. The idea behind it is to never load the certificate' private keys in a networked process, instead they are loaded in a separate process (the `crypto' one) which signs payloads on the behalf of the server processes. This way, we greatly reduce the risk of leaking the certificate' private key should the server process be compromised. This currently compiles only on LibreSSL (portable fix is in the way).
README.md
# gmid website/capsule These are the sources for the gmid website and Gemini capsule. Unlike gmid itself, to build the site you'll need OpenBSD' make (on linux `bmake` *may* work.)