Re: TLS in Gopher

To: gopher-project@other.debian.org
Subject: Re: TLS in Gopher
From: Cameron Kaiser <spectre@floodgap.com>
Date: Wed, 28 Feb 2018 06:12:35 -0800 (PST)
Message-id: <[🔎] 201802281412.w1SECZQQ14221364@floodgap.com>
In-reply-to: <[🔎] 7b8b1f5c-40e4-a339-a8ce-914176911d01@fsfe.org> from "Iain R. Learmonth" at "Feb 28, 18 07:53:19 am"

> > Although I would prefer gopher+TLS have a categorical port and only be
> > accessible that way, I don't object to probing/upgrading, as long as the
> > client is smart about it.
> 
> The idea of requiring a specific port number sounds like a complete hack.
> 
> Instead, can you not just cache that STARTTLS was successful and then
> immediately attempt TLS handshake when you connect next time instead of
> doing the STARTTLS upgrade?

I'm not aware of any TLS wrapper that knows how to do this (it would require
a lot of wire-level work to be even possible), and I'm sure many non-TLS
servers would not respond favourably. With a categorical port, you know
exactly what you're connecting to and what it's expecting.

-- 
------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser@floodgap.com
-- Eggheads unite! You have nothing to lose but your yolks. -- Adlai Stevenson

Reply to:

Follow-Ups:
- Re: TLS in Gopher
  - From: "Iain R. Learmonth" <irl@fsfe.org>

References:
- Re: TLS in Gopher
  - From: "Iain R. Learmonth" <irl@fsfe.org>

Prev by Date: Re: TLS in Gopher
Next by Date: Re: TLS in Gopher
Previous by thread: Re: TLS in Gopher
Next by thread: Re: TLS in Gopher
Index(es):
- Date
- Thread