Re: TLS in Gopher

To: gopher-project@other.debian.org
Subject: Re: TLS in Gopher
From: "Iain R. Learmonth" <irl@fsfe.org>
Date: Wed, 28 Feb 2018 07:53:19 +0000
Message-id: <[🔎] 7b8b1f5c-40e4-a339-a8ce-914176911d01@fsfe.org>
In-reply-to: <[🔎] 201802280205.w1S25Dxb6684768@floodgap.com>
References: <[🔎] 201802280205.w1S25Dxb6684768@floodgap.com>

Hi,

On 28/02/18 02:05, Cameron Kaiser wrote:
> Although I would prefer gopher+TLS have a categorical port and only be
> accessible that way, I don't object to probing/upgrading, as long as the
> client is smart about it.

The idea of requiring a specific port number sounds like a complete hack.

Instead, can you not just cache that STARTTLS was successful and then
immediately attempt TLS handshake when you connect next time instead of
doing the STARTTLS upgrade?

Even better, how about you just always try to do a TLS handshake and
cache the failures instead? STARTTLS in reverse, where if the handshake
fails you reconnect without TLS and then don't attempt a handshake again
for a while.

Thanks,
Iain.

Reply to:

Follow-Ups:
- Re: TLS in Gopher
  - From: Cameron Kaiser <spectre@floodgap.com>
- Re: TLS in Gopher
  - From: Nuno Silva <nunojsilva@ist.utl.pt>

References:
- Re: TLS in Gopher
  - From: Cameron Kaiser <spectre@floodgap.com>

Prev by Date: Re: TLS in Gopher
Next by Date: Re: TLS in Gopher
Previous by thread: Re: TLS in Gopher
Next by thread: Re: TLS in Gopher
Index(es):
- Date
- Thread