Re: [gopher] Tor for Gopher
On 2017-02-14 05:47, Christoph Lohmann wrote:
Greetings comrades.
This ugly discussion of how to add TLS to gopher has lead to all kind
of
extension proposals which look so ugly I wouldn’t want to
implement
them. The CA system is broken and will not lead to any security. Do
you
really trust Let’s Encrypt, when they issue certificates for everyone?
I
don’t.
That is the reason why I am proposing a simpler migration strategy:
Let
us move all gopherholes to tor. Running a hidden service requires
no
modification except for changing the internal links to the onion
domain.
I do that at bitreich.org[0][1] by having a hidden service pointing
to
port 70 but the redirect in the configuration is to a different
port
which has geomyidae running with the argument ‐h
hg6vgqziawt5s4dj.onion.
All menu entries in gph files pointing to »server« will be replaced
with
that and you are kept in the tor network.
For clients it is simply: torify lynx gopher://hg6vgqziawt5s4dj.onion
I have started collecting onion gopherholes [2].
What we get: Security (hash in onion domain), anonymity (tor
network),
moral superiority by supporting tor and their efforts
Sincerely,
Christoph Lohmann
[0] gopher://bitreich.org
[1] gopher://hg6vgqziawt5s4dj.onion
[2] gopher://hg6vgqziawt5s4dj.onion/1/lawn/onion
_______________________________________________
Gopher-Project mailing list
Gopher-Project@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
I'm stunned by the beauty and simplicity of this solution!
I've been writing a gopher client myself and it took a grand total of 0
new lines of code to access that gopher using it! and we get all the
important security properties: integrity, authenticity, confidentiality.
_______________________________________________
Gopher-Project mailing list
Gopher-Project@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
Reply to: