
Re: Gopher over TLS



On 07/12/2021 00:40, Sean Conner wrote:
> > Why are we encrypting data that is published publicly?
>
>    It can be used to ensure that the data hasn't been modified on the way
> from the server to your client

Perhaps I am nitpicking, but this is not true. Integrity does not imply encryption (of the payload).

The other thing is that all these gopher-over-TLS sites use either a self-signed certificate or an x509 cert issued by a free CA. It is very easy to substitute such a server with a similar (modified) server simply presenting a different certificate. The only valid approach would be for you to meet with the author of the gopher site that you visit, so he could provide you with his public key, and then you could validate that the key hasn't changed each time you visit his gopher hole. But come on, nobody cares. All this gopher-TLS venture is only a sick joke.

Mateusz
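
The per-visit key check described in the message above, as an added example that is not part of the original post: it hashes the SubjectPublicKeyInfo of the certificate the server presents and compares it with a fingerprint obtained out of band. The function names, the host name and the certificate-shaped sample bytes are constructed for illustration; on a live connection the DER input would be what Python's `ssl.SSLSocket.getpeercert(binary_form=True)` returns.

```python
import hashlib
import hmac


def read_tlv(buf: bytes, pos: int):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length


def spki_sha256(cert_der: bytes) -> str:
    """Hex SHA-256 of the SubjectPublicKeyInfo element of an X.509 certificate."""
    _, pos, _ = read_tlv(cert_der, 0)        # Certificate SEQUENCE
    _, pos, _ = read_tlv(cert_der, pos)      # tbsCertificate SEQUENCE
    tag, _, end = read_tlv(cert_der, pos)
    if tag == 0xA0:                          # optional [0] version field
        pos = end
    for _field in range(5):                  # serial, sigAlg, issuer, validity, subject
        _, _, pos = read_tlv(cert_der, pos)
    _, _, end = read_tlv(cert_der, pos)      # subjectPublicKeyInfo
    return hashlib.sha256(cert_der[pos:end]).hexdigest()


def check_pin(pins: dict, host: str, cert_der: bytes) -> str:
    """Compare the presented key with the fingerprint obtained out of band."""
    pinned = pins.get(host)
    if pinned is None:
        return "no-pin"                      # nothing to compare against: do not trust
    return "match" if hmac.compare_digest(pinned, spki_sha256(cert_der)) else "mismatch"


def der(tag: int, body: bytes = b"") -> bytes:
    """Encode one short (<128 byte) DER element; only used to build the samples."""
    return bytes([tag, len(body)]) + body


def sample_cert(serial: int, key: bytes) -> bytes:
    """Constructed, certificate-shaped DER (not a valid certificate)."""
    spki = der(0x30, der(0x03, b"\x00" + key))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, bytes([serial]))
              + der(0x30) * 4 + spki)
    return der(0x30, tbs + der(0x30) + der(0x03, b"\x00"))
```

Because only the key is hashed, a reissued certificate carrying the same key still matches, while a substituted server with its own key yields `mismatch` regardless of who issued its certificate.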

