Re: TLS in Gopher

To: gopher-project@other.debian.org
Subject: Re: TLS in Gopher
From: "Iain R. Learmonth" <irl@fsfe.org>
Date: Thu, 1 Mar 2018 09:27:11 +0000
Message-id: <[🔎] 6403f079-e33a-32b6-eb0d-799db1153916@fsfe.org>
In-reply-to: <[🔎] 20180301092349.GA5041@evenstar>
References: <201802281412.w1SECZQQ14221364@floodgap.com> <3f315703-c10d-e4ca-965f-d9f5d6d84e9e@fsfe.org> <[🔎] alpine.LSU.2.21.1803010152040.19032@gopher> <[🔎] b30cfa7e-0b08-1e38-9649-994de71891d2@fsfe.org> <[🔎] 20180301092349.GA5041@evenstar>

Hi,

On 01/03/18 09:23, Nuno Silva wrote:
> But gopher with TLS is not gopher. The TLS handshake is not gopher. It
> *is* a distinct protocol with a different behaviour. IMHO not making it
> something clearly separated from gopher may cause more breakage.

If your server is going to crash when it sees something that is not a
well crafted Gopher selector, it shouldn't be on the Internet. Servers
should be resilient to all sorts of crazy inputs. It would be
interesting to see some fuzzing of Gopher servers/clients.

> You could also cache failures on the "gophers" port and retry with plain
> gopher on port 70.

Currently I have 65,535 options for my gopher port, but I'm only going
to have one for Gopher+TLS? That seems like a ridiculous restriction
that doesn't need to exist.

Thanks,
Iain.

Reply to:

References:
- Re: TLS in Gopher
  - From: Zachary Lee Andrews <zcrayfish@gmail.com>
- Re: TLS in Gopher
  - From: "Iain R. Learmonth" <irl@fsfe.org>
- Re: TLS in Gopher
  - From: Nuno Silva <nunojsilva@ist.utl.pt>

Prev by Date: Re: TLS in Gopher
Next by Date: Re: TLS in Gopher
Previous by thread: Re: TLS in Gopher
Next by thread: Re: TLS in Gopher
Index(es):
- Date
- Thread