Re: Gopher TLS support in curl
Greetings.
On Mon, 21 Dec 2020 18:11:18 +0100 John Goerzen <jgoerzen@complete.org> wrote:
> There is a lot that TLS could make possible; in fact, we could get
> virtual hosting without having to bake it into the Gopher protocol
> thanks to SNI, and it makes sense to add this kind of protection
> to the modern Internet.
Virtual Hosting is a misdesign of the web. It made it big, but removed
the view on other protocols and bifurcated into wrong design decisions,
not using the OS features for protection. See the ugliness of web
sessions for what I mean.
> My only concern is that running TLS over port 70 will bifurcate
> Gopherspace. A given host will have to choose to either support
> the legacy clients or the new ones, and can't do both on the same
> IP & hostname. Would we still have time to pop it over to some
> other port, say 770 or 7070 or something, before this gets
> established?
Geomyidae uses a simple probing, which can be easily implemented in
every server.
    /* Peek at the first byte without consuming it. */
    if (recv(sock, &byte0, 1, MSG_PEEK) < 1)
        return 1;
    /* 0x16 is the TLS handshake record type. */
    if (byte0 == 0x16) {
        do_tls();
    }
All servers not wanting to implement TLS should do this too, but then
do an explicit close of the connection. Some hosting providers have
really ugly packet filtering not giving any response and natural
connection closing. The Internet has become a mess because of the web
and the cloud.
A separate port will lead to a bifurcated gopher, because there is no
support in gopher menus. Extending gopher menus leads to less legacy
support, which is what makes gopher so much fun.
The connection overhead is not high for TLS probing.
Sincerely,
Christoph Lohmann
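
The first-byte probing described in the message above, written out as a self-contained added example; it is not code from the post or from geomyidae. The names `conn_kind`, `probe_first_byte`, `accept_plain_only` and the `probe_bytes` socketpair harness are made up for this illustration, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <sys/socket.h>
#include <unistd.h>

enum conn_kind { CONN_ERROR = -1, CONN_PLAIN = 0, CONN_TLS = 1 };

/* Classify a fresh connection by peeking at its first byte. MSG_PEEK leaves
 * the byte queued, so the TLS library or the selector parser that runs next
 * still reads the stream from the start. */
enum conn_kind probe_first_byte(int sock)
{
	unsigned char byte0;
	/* 0 means the peer closed without sending anything, -1 is an error. */
	if (recv(sock, &byte0, 1, MSG_PEEK) < 1)
		return CONN_ERROR;
	/* A TLS ClientHello starts with record type 0x16 (handshake). */
	return byte0 == 0x16 ? CONN_TLS : CONN_PLAIN;
}

/* Plaintext-only server: close a TLS attempt at once, so the client sees the
 * connection end instead of waiting for a handshake reply that never comes.
 * Returns 1 if the caller should go on to read the selector, 0 if closed. */
int accept_plain_only(int sock)
{
	if (probe_first_byte(sock) != CONN_PLAIN) {
		close(sock);
		return 0;
	}
	return 1;
}

/* Constructed harness: feed len bytes through a socketpair, probe the
 * receiving end, then store the first byte read afterwards in *next. */
enum conn_kind probe_bytes(const void *buf, size_t len, unsigned char *next)
{
	int sv[2];
	enum conn_kind kind;
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
		return CONN_ERROR;
	if (len > 0)
		(void)send(sv[0], buf, len, 0); /* a failed send shows up as CONN_ERROR */
	close(sv[0]); /* with len == 0 this models a client that sends nothing */
	kind = probe_first_byte(sv[1]);
	if (kind != CONN_ERROR && recv(sv[1], next, 1, 0) != 1)
		kind = CONN_ERROR;
	close(sv[1]);
	return kind;
}
```

The harness reads one byte after the probe to show that the peek consumed nothing: the TLS path still receives 0x16 and the plaintext path still receives the start of the selector.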