
Re: Gopher over TLS

Back in May of 2020, I wrote this:

It was thus said that the Great Sean Conner once stated:
> It was thus said that the Great Sebastiaan Deckers once stated:
> > FWIW, I drafted a spec of Gopher over TLS. Published the server and client
> > libraries and deployed them in production.
> > 
> > https://gitlab.com/commonshost/goth#gopher-over-tls-got-protocol
>   Not bad, I like it.  I also would *love* if the existing clients that
> attempt TLS over gopher would follow this bit:
> 	If the TCP/IP socket was successful but the attempt fails without
> 	receiving a ServerHello message, a GoT client may attempt to connect
> 	without TLS, treating the connection as plaintext Gopher. This
> 	failure may be cached for as long as the server's DNS records are
> 	^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 	valid.
> 	^^^^^
> There's at least one client out there (I think it's a web-to-gopher proxy)
> that attempts to use TLS *every damn time* it makes a request and frankly,
> I'm close to just outright blocking that IP address.  Once a day (the
> current TTL for 'gopher.conman.org') isn't bad, but *every single time* is
> just rude (in my opinion).

  It's happening again.  There's a gopher client (or proxy) that is
attempting to request a page from my gopher site via TLS, *then* regular
TCP.  I still don't think TLS is a viable option for TLS [1] but hey,
differing opinions and all that.  I just think that if any client wants to
use TLS over gopher, follow the above advice.  Thank you.

>   -spc (My other pet peeve of gopher clients is the notion that every
> 	selector starts with a '/' ... )

  This bit *has* improved over the past 18 months or so.


[1]	Gemini, which *started out with TLS*, often gets criticism for using

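Added example, not part of the original message or of the GoT project's code: one way a client could implement the quoted fallback rule, probing TLS at most once per DNS TTL and never downgrading when the server did answer in TLS. The names `TlsFailureCache` and `open_gopher` are hypothetical, `dns_ttl` is assumed to come from the caller's resolver, and treating any non-certificate handshake error as "no ServerHello" is an approximation.

```python
import socket
import ssl
import time


class TlsFailureCache:
    """Hosts where TLS failed before any ServerHello, remembered until a TTL expires."""

    def __init__(self, clock=time.monotonic):
        self._expiry = {}
        self._clock = clock

    def mark_failed(self, host, port, ttl):
        self._expiry[(host, port)] = self._clock() + ttl

    def should_skip_tls(self, host, port):
        expiry = self._expiry.get((host, port))
        if expiry is not None and self._clock() >= expiry:
            del self._expiry[(host, port)]   # TTL elapsed: TLS may be probed again
            expiry = None
        return expiry is not None


def tcp_connect(host, port, timeout=10):
    return socket.create_connection((host, port), timeout=timeout)


def tls_handshake(raw, host):
    return ssl.create_default_context().wrap_socket(raw, server_hostname=host)


def open_gopher(host, port, cache, dns_ttl, connect=tcp_connect, handshake=tls_handshake):
    """Return (connection, used_tls). dns_ttl is supplied by the caller's resolver."""
    if cache.should_skip_tls(host, port):
        return connect(host, port), False      # cached failure: no TLS probe at all
    raw = connect(host, port)                  # a TCP failure propagates, no fallback
    try:
        return handshake(raw, host), True
    except ssl.SSLCertVerificationError:
        raw.close()                            # server spoke TLS: never downgrade
        raise
    except (ssl.SSLError, OSError):            # approximation of "no ServerHello"
        raw.close()
        cache.mark_failed(host, port, dns_ttl)
        return connect(host, port), False      # fresh socket for plaintext Gopher
```

With a shared cache, a plaintext-only server sees one failed TLS probe per TTL instead of one per request.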