
Re: Gopher over TLS



On 06/12/2021 09:37, Sean Conner wrote:
>> I hear about this gopher/TLS abomination since many years now. Haven't
>> those TLS-people figured out a non-intrusive way to do their thing by
>> now without bothering standard-gopher-people? i.e. some DNS SRV record,
>> or special URL marking, or CAPS capability, or custom port, or something
>> else?
>
>   It's not that easy---I wrote about this a few years ago [1] and relatively
> recently [2], which briefly goes into how I think people expect this to
> work.
>
> [1] http://boston.conman.org/2019/03/31.1

I wasn't trying to make it sound easy. My point was that pretty much anything would be better than hammering a plain gopher server with stupid TLS requests that can only fail.

I am not at all interested in gopher over TLS, I consider it as a blasphemy. One of the things I like about gopher is its simplicity, openness and transparency. But that's me. I can understand that other people may have other things that make them "tick". That being said, if *I* was interested in gopher-over-TLS, I'd consider two possible scenarios:

1. using a DNS SRV record to tell "this host supports gopher-over-TLS on port xxx"

2. advertising TLS through CAPS. First, a gopher client fetches the CAPS (over plain text), and then it may switch to TLS queries if it sees TLS being okay'ed in CAPS.

Both of these solutions need no protocol change (incl. no change in gophermaps).

In your blog post you do not address either of these two approaches. But again - I don't care really, other than wishing not to be annoyed by TLS-people abusing the standard.

Mateusz
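
The CAPS-based discovery described in scenario 2 above, sketched as an added example (not code from the thread or from any gopher client). The `TLSPort` key is a hypothetical CAPS entry, the host name and CAPS texts are constructed, and the `pinned` map is an added assumption: because CAPS is fetched in plain text, a client that has seen TLS advertised once keeps using it if the line later disappears.

```python
# Added example: pick a gopher transport from a CAPS file fetched over plain text.
# "TLSPort" is a hypothetical CAPS key; the thread does not define one.

def parse_caps(text):
    """Parse caps.txt-style text: first line 'CAPS', then key=value lines, '#' comments."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "CAPS":
        raise ValueError("not a CAPS file")
    caps = {}
    for line in lines[1:]:
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        caps[key.strip()] = value.strip()
    return caps

def tls_port(caps):
    """Return the advertised TLS port, or None if absent or not a valid port."""
    value = caps.get("TLSPort", "")
    if value.isascii() and value.isdigit() and 0 < int(value) < 65536:
        return int(value)
    return None

def choose_transport(host, caps_text, pinned):
    """Return (transport, port); pinned maps host -> TLS port seen earlier."""
    try:
        port = tls_port(parse_caps(caps_text))
    except ValueError:
        port = None
    if port is not None:
        pinned[host] = port
        return ("tls", port)
    if host in pinned:
        # The advert vanished from an unauthenticated CAPS reply: stay on TLS.
        return ("tls", pinned[host])
    # No advert ever seen: never send a TLS handshake to a plain gopher server.
    return ("plain", 70)

# Constructed sample CAPS replies.
PLAIN_CAPS = "CAPS\nCapsVersion=1\n# plain server\nServerSoftware=example\n"
TLS_CAPS = "CAPS\nCapsVersion=1\nTLSPort=7443\n"
```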

