Greetings comrades.
The idea of TLS for gopher has come up again. With rising popularity
people seem to want to push all HTTP principles into gopher. Since I
have control of geomyidae and some gopher clients for tryouts I want to
propose the following to end the whole discussion:
Ideal way:
C->S: STARTTLS\r\n
S->C: <TLS begins on both sides>
C->S(in TLS): selector[\tsearch]\r\n
S->C(in TLS): answer
Compatibility:
C->S: STARTTLS\r\n
S->C: 3Some error .... (TLS on client side fails)
# New connection
C->S: selector\r\n
S->C: answer
I proposed to make every selector beginning with a char of uppercase
ASCII (A‐Z) to be a special case. This will permit following historical
compatibility:
* Servers allowing HTTP transparent serving.
* Maybe allow things like haproxy to work for gopher servers.
## Why no separate port?
* We need to define some way in menus for TLS entries.
* It will require not just an upgrade of clients and servers.
* It will require gophers:// to be defined and introduced.
## What other proposals were there to add TLS support?
* Using some separate tab parameter.
* Will get in the way with gopher+.
* Gopher+ is already a big enough burden.
* Using some caps file.
* Reimplementation of gopher+.
* Adds metadata for fingerprinting.
* Think of tor usage.
* Adds roundtrips.
* Using some special path like »/.starttls«.
* Can overlap with real files.
* My proposal of first checking for TLS data bytes.
* Does not add the other compatibility I mention above.
What do you people think of my proposal?
Depending on the input I will start implementing this in geomyidae and
sacc and write the RFC.
Sincerely,
Christoph Lohmann