
Re: TLS in Gopher



Hi,

On 28/02/18 14:12, Cameron Kaiser wrote:
> I'm not aware of any TLS wrapper that knows how to do this (it would require
> a lot of wire-level work to be even possible), and I'm sure many non-TLS
> servers would not respond favourably. With a categorical port, you know
> exactly what you're connecting to and what it's expecting.

With a categorical port you recreate the problems of HTTP where you've
broken URLs when you enable TLS. Instead of http://blah/ you now have
https://blah/ and these are distinct resources. If you are running two
servers, they could have entirely different content and those who have
bookmarks/search indexes or anything referencing a URL would find it
broken when you enable TLS.

Just because such a wrapper doesn't currently exist it doesn't mean that
it wouldn't be possible to create one. It would likely be very easy.

See for example: http://57north.org.uk:443/

Here the server correctly responds to a plaintext HTTP request with a
plaintext HTTP response. It serves an error message explaining that
HTTPS was expected, but there's no reason that you couldn't just have it
serve content instead.

Anyone can just run a wrapper around anything and say you've created a
TLS version but you need to think about what it actually means
semantically in the context of the application. In the case of Gopher I
firmly believe that a separate port, even if not a "fixed" separate
port, is just recreating the problems of HTTP/HTTPS URL breakage and
that we can and should do better.

Thanks,
Iain.
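
The same-port behaviour described in the message above, as an added example that is not part of the original post or of any existing Gopher server: a listener can peek at the first bytes of a connection and tell a TLS ClientHello record from a plaintext selector line before choosing a handler. The function names and sample bytes are constructed for illustration.

```python
import socket

TLS_HANDSHAKE = 0x16      # record content type of a ClientHello
TLS_MAX_RECORD = 2 ** 14  # record length limit, RFC 8446 section 5.1


def classify_first_bytes(buf: bytes) -> str:
    """Return 'tls', 'plaintext' or 'need_more' for the start of a connection."""
    if not buf:
        return "need_more"
    # A Gopher request is a text selector line ending in CRLF (possibly empty),
    # so its first byte is not the 0x16 control byte.
    if buf[0] != TLS_HANDSHAKE:
        return "plaintext"
    if len(buf) >= 2 and buf[1] != 0x03:   # record version major is always 3
        return "plaintext"
    if len(buf) < 5:                       # full record header is 5 bytes
        return "need_more"
    minor, length = buf[2], int.from_bytes(buf[3:5], "big")
    if minor <= 0x04 and 0 < length <= TLS_MAX_RECORD:
        return "tls"
    return "plaintext"


def peek_and_classify(sock: socket.socket) -> str:
    """Peek without consuming, so the chosen handler still sees every byte."""
    buf = sock.recv(5, socket.MSG_PEEK)
    if not buf:
        return "closed"
    # 'tls': hand sock to ssl.SSLContext.wrap_socket(sock, server_side=True)
    # 'plaintext': serve the selector directly; 'need_more': peek again
    return classify_first_bytes(buf)


# Constructed sample inputs (not captured traffic).
SAMPLES = {
    "empty selector": b"\r\n",
    "selector": b"/docs/about.txt\r\n",
    "ClientHello header": bytes([0x16, 0x03, 0x01, 0x02, 0x00]),
    "split header": b"\x16\x03",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:20} -> {classify_first_bytes(data)}")
```

Because the plaintext branch stays reachable on the same port, the server cannot tell a connection whose TLS was stripped in transit from an ordinary plaintext one; a client that wants confidentiality has to insist on TLS itself.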

