Hello! There are soon to be some changes to my Gemini software's TLS support. I am rewriting both to use BearSSL instead of OpenSSL, and making some refinements while I'm at it. Some of these will affect end-users. Naturally, when you pull down the code again, you'll have to install BearSSL's development package. BearSSL is not yet widely available: https://repology.org/project/bearssl/versions But your distro will probably add it if you ask nicely. Additionally, the format of known_hosts is changing. The hashes are the same, but we're no longer using the expiration time. Server operators are advised to generate long-lived certificates - a few hundred years should do the trick. In order to avoid breaking compatibility with any software which reads our known hosts file at ~/.local/share/gemini/known_hosts, we're moving it to our private directory at ~/.local/share/gmni/. The software will tolerate the old format, so you can copy your known_hosts file over, or you can simply start fresh and re-trust hosts as you encounter them in geminispace. Many breaking changes have been made to libgmni, and a few more may be in store. If you're a downstream user, you'll have to make some changes, and prepare for more in the foreseeable future. The plan is to abstract most, if not all, of the TLS details away from library users entirely. With the completion of this API work, and the addition of client-side certificate support in the near future, I will be tagging gmni 1.0. gmnisrv has not yet been migrated to BearSSL, and it's not a high priority for me right now, but I intend to put in the work before calling it 1.0 (patches welcome if you want to help). I have already changed the default certificate expiration to the far future, so if you're up to date, when your certificates roll over next you'll get a long-lived cert.