[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Gopher over TLS

What i see , for those that are interested in it, whichbis also a big drive of the big two (1+1/2 +1/2 maybe)
Is numbers  our biggest strength imo can be .....utilised by picking up those machines that the mainstreem ports have left behind with little effort,
Say for example an example of earlier version of android such as icecream sandwich has been sunsetted.
3rd party devs are no longer supporting it.the browser starts showing its age . Certain advanced features or simple rendering breaks.
We as a community can come on in and provide ports of some gopher client with included bookmarks that enables people to do the things that their unsupported browser wont allow anymore eg. Gopherpedia, www browsing via a proxy, etc etc
Its little work to push out new versions that fix issues etc, but you are now growing your community that has been left behind by the latest and greatest community.
Cameron has shown that this works to a degree with his classilla and 10.4fx projects.
As long as theres a few youtubes on how it can be utilised on older devices to do basics of which we have several services in the gophersphere already that qualify,
And a new application pops up on old device's appstores and webcommunity...
To convince people, all youll have to do is show some coloured text and a nice gui and theyre onboard.
From: barana . <Barana24@hotmail.com>
Sent: Monday, 22 January 2018 1:11:17 PM
To: Alex Schröder; gopher-project@other.debian.org
Subject: Re: Gopher over TLS
 
Ok so I see people wanting to innovate with gopher and that is very cool, its part of the reason this group exists.
The problem as I see it is that some of the innovators are talking innovation only in  x86/64 and winmacnix world and THE VERY STRENGTH of gopher which is low cpu use low bandwidth gets THROWN out the window in favour of innovations that cannot be utilised on platforms that are perfectly suited for gopher examples being c64 amiga500 palm devices newton devices first gen iphone/blackberry/symbian devices/android devices.
By extending gopher in ways only using x86 cutting edge stuff to void the very strengths of gopher.
I do not oppose innovation and development ,what i oppose is an insular pc is all that matters fanboy unthinking approach that excludes these platforms that utilize gopher perfectly because the innovator doesnt have a clue.
Nb. Not scathing here, but i think im seeing the same pattern that tried to update www , the result being its only a two horse race these days.
Gopher was left behind because of this attitude, dont leave gopher behind again.
From: Alex Schröder <kensanata@gmail.com>
Sent: Monday, 22 January 2018 7:24:23 AM
To: gopher-project@other.debian.org
Subject: Re: Gopher over TLS
 
> Alex Schr?der <kensanata@gmail.com> wrote:
>> echo About | gnutls-cli alexschroeder.ch:7070

SiMpLe MaChInEs <simple@sdf.org> writes:

> Adding TLS to gopher has been talked about on and off for years but
> usually the conversation died when it came to extending the gopher
> std(s). Perhaps it's time to revisit it again?

Do you have a good link to a previous discussion?

> I had to add '--insecure' to gnutls-cli but other than that it works.

Strange that you had to add --insecure. The server uses the full chain
of certificates and the private key I also use for the website itself,
and I made sure that ~/.gnutls was empty (no known-hosts file), and it
still works on my system. Sadly, I don't really knows the ins and outs
of SSL and TLS so I don't know where I'd start. All I know is that you
need to trust Let's Encrypt, since they signed my certificate so I guess
gnutls-cli needs to know where all the CAs are on your system?

Alternatively, I looked at my logs and found the following:

Could not finalize SSL connection with client handle (SSL accept at
tempt failed because of handshake problems error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certifica te)

I think currently
https://nam01.safelinks.protection.outlook.com/?url="">
will disable SSL2 and SSL3, so perhaps that's the problem. You should be
using TLS 1.2, I think.

Cheers
Alex
--
Public Key Fingerprint = DF94 46EB 7B78 4638 7CCC  018B C78C A29B ACEC FEAE

Reply to: