Am 2021-12-06 10:18, schrieb Sean Conner:
of course the reason for TLS is (to state the obvious) that someone in between might read or even modify the data the client gets. If we assume a man-in-the-middle then the TLS option would be taken out of the CAPS response, which is why this may not work reliably.
I don't like the Gemini approach because it *forces* admin to go TLS and I expect that we will see lot of broken certificates in Gemini-space in a few years.
However, I also thought to add optional TLS to my client but I didn't look at any detail so far. From your discussion I understand that there is no easy way to probe for TLS, right?