Mateusz writes:
> Integrity does not imply encryption (of the payload).
True, but encryption is one way to detect tampering.
That said, x.509 certs address a specific problem, one that might not
be important to those who care about Gopher & other fringe ways of
using the Internet. Placing Gopher sites on the onion network might
be more appropriate than using x.509 certs.
x.509 certs are intended to tie an online entity to an offline organization.
Doesn't seem like something that Gopher users & providers care about.
Onion sites provide pseudonymity to their clients (also privacy over the wire),
but don't attempt to tie a server with an organization. Might be more
appropriate for Gopher. It's also easy to setup, might require no modification
to many Gopher clients & servers. (Someone wrote a blog post about this
idea several years ago, but I'm unable to find it now.)