Re: Gopher over TLS
Back in May of 2020, I wrote this:
It was thus said that the Great Sean Conner once stated:
> It was thus said that the Great Sebastiaan Deckers once stated:
> > FWIW, I drafted a spec of Gopher over TLS. Published the server and client
> > libraries and deployed them in production.
> >
> > https://gitlab.com/commonshost/goth#gopher-over-tls-got-protocol
>
> Not bad, I like it. I also would *love* if the existing clients that
> attempt TLS over gopher would follow this bit:
>
>
> If the TCP/IP socket was successful but the attempt fails without
> receiving a ServerHello message, a GoT client may attempt to connect
> without TLS, treating the connection as plaintext Gopher. This
> failure may be cached for as long as the server's DNS records are
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> valid.
> ^^^^^
>
> There's at least one client out there (I think it's a web-to-gopher proxy)
> that attempts to use TLS *every damn time* it makes a request and frankly,
> I'm close to just outright blocking that IP address. Once a day (the
> current TTL for 'gopher.conman.org') isn't bad, but *every single time* is
> just rude (in my opinion).
It's happening again. There's a gopher client (or proxy) that is
attempting to request a page from my gopher site via TLS, *then* regular
TCP. I still don't think TLS is a viable option for TLS [1] but hey,
differing opinions and all that. I just think that if any client wants to
use TLS over gopher, follow the above advice. Thank you.
> -spc (My other pet peeve of gopher clients is the notion that every
> selector starts with a '/' ... )
This bit *has* improved over the past 18 months or so.
-spc
[1] Gemini, which *started out with TLS*, often gets criticism for using
TLS.
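
The caching rule quoted above can be sketched as follows. This is an added example, not code from the goth libraries or from this message. `TlsFailureCache`, `fetch` and the `dns_ttl` parameter are hypothetical names, and the caller is assumed to supply the TTL of the server's DNS record, since Python's standard resolver does not expose it.

```python
import socket
import ssl
import time


class TlsFailureCache:
    """Remembers servers that failed the TLS handshake, for one DNS TTL each."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._expires = {}  # (host, port) -> time after which TLS is retried

    def record_failure(self, host, port, dns_ttl):
        self._expires[(host, port)] = self._clock() + dns_ttl

    def should_try_tls(self, host, port):
        expiry = self._expires.get((host, port))
        if expiry is not None and self._clock() < expiry:
            return False  # cached failure still valid: go straight to plaintext
        self._expires.pop((host, port), None)
        return True


def _exchange(sock, selector):
    # Gopher request: selector plus CRLF, then read until the server closes.
    sock.sendall(selector.encode() + b"\r\n")
    chunks = []
    while chunk := sock.recv(4096):
        chunks.append(chunk)
    return b"".join(chunks)


def fetch(host, port, selector, cache, dns_ttl, timeout=10):
    """Return (transport, body), where transport is "tls" or "plain"."""
    if cache.should_try_tls(host, port):
        raw = socket.create_connection((host, port), timeout=timeout)
        try:
            ctx = ssl.create_default_context()
            tls = ctx.wrap_socket(raw, server_hostname=host)
        except ssl.SSLCertVerificationError:
            raise  # a ServerHello arrived, so the server speaks TLS: no downgrade
        except (ssl.SSLError, OSError):
            # Approximates "no ServerHello received" (assumption of this sketch).
            raw.close()
            cache.record_failure(host, port, dns_ttl)
        else:
            with tls:
                return "tls", _exchange(tls, selector)
    with socket.create_connection((host, port), timeout=timeout) as plain:
        return "plain", _exchange(plain, selector)
```

With a TTL of one day, a plaintext-only server sees one stray ClientHello per day from this client instead of one per request.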