Re: Gopher over TLS
I like the idea of using a simpler encryption. A huge advantage of
Gopher is that a server can be set up in a few lines of code.
@klez sent a XKCD with the current stiuation.
If that's the case would anyone be interested in co-authoring an RFC?
I personally never wrote an RFC. The only standardization document I
wrote was BIP 179.
Having a RFC is the first steps for a general standardization.
Am 14.03.20 um 13:06 schrieb Ciprian Dorin Craciun:
On Sat, Mar 14, 2020 at 1:36 PM Emil Engler <firstname.lastname@example.org> wrote:
Hi, I thought about writing a standard for a secure Gopher protocol
Have there been any proposals for this yet and what's the general
consensus about this on this ML
Side-note: Apparently there is a new ("competing") protocol that is
being developed by a group of Gopher enthusiast named Gemini, which
basically adds MIME support, uses a Markdown-based syntax instead of
Gopher maps and uses TLS by default.
In that context, I made the proposal of replacing TLS with a simpler
NaCL / libsodium alternative. And by "simpler" I mean that given one
has access to `libsodium`, or is able to copy-paste the 4
cryptographic primitives (basically XSalsa20, Poly1305, Ed25519 and
Curve25519), one should be able to implement this in a few lines of
Fortunately, that proposal (given it has nothing tied or specific to
Gemini) can be re-used for Gopher (or any other message based
Bellow is the thread and my proof-of-concept Python-based
implementation, together with a diagram, analysis and description:
* proposal document --
* proof-of-concept code --
* mailing list thread --
(Full disclaimer: I am not a cryptographer; I am aware of "not
implementing your own crypto"; I have not "invented" new
cryptographic primitives but instead reused existing ones the way they
were meant; I have studied the Noise Protocol a few other proposals;
and tried my best. See the thread for a lengthy take on this.)
(If there are any cryptographers out there, please take a look if you
Hope this is useful,