
Re: Gopher Desktop Client



On Fri, Mar 12, 2021 at 02:29:17AM +0100, Ivan J. wrote:
> On 12 March 2021 01:45:13 CET, Luke Emmet <luke@marmaladefoo.com> wrote:
> >
> >
> >On 12-Mar-2021 00:24, Ivan J. wrote:
> >>
> >> For a start, you could also make it support Gopher over TLS ;)
> >>
> >Not sure if this is a facetious comment given the smiley above, but if 
> >you want Gopher + TLS, really Gemini should be what you're looking at 
> >IMO. I hope I haven't blasphemed by mentioning it on the gopher channel
> >though ;)
> >
> >  - Luke
> 
> Gemini is not gopher. And no, my comment wasn't malevolent. I took the initiative and added Gopher over TLS to software used by millions of people. It works well.
> 
> IMHO, Gemini is just a Frankenstein protocol with no real use case. You can either use HTTP or use Gopher. It goes against basic philosophy to invent something like Gemini.
> 
> Best regards,
> Ivan
> 

Hi,

I agree, and both plain gopher and TLS gopher are supported by the server by
peeking at the first TLS byte, like the gopher server geomyidae does; the text
protocol remains the same.

Here is how it works and how it is implemented:
gopher://bitreich.org/1/scm/geomyidae (main.c on line 777):
	if (byte0 == 0x16 && dotls) {

A common question is how downgrade attacks are prevented.  It is assumed the
TLS URLs are in the format gophers:// and the client then checks against
downgrade-attacks.

For persistent sessions this can be done with a list by pinning previously
known TLS Gopherholes, similar to how HTTP HSTS works. Afaik this has not been
fully worked out yet though and also proper documentation is being worked on.

-- 
Kind regards,
Hiltjo
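
The first-byte check described in the message above, as an added example that is not part of the original post and is not geomyidae's own code. It peeks with MSG_PEEK so the byte stays in the stream for whichever parser handles the connection next; the names classify_conn, probe and the T_* constants are hypothetical, and the sample bytes are constructed.

```c
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

enum { T_ERROR = -1, T_PLAIN = 0, T_TLS = 1 };

/* Look at the first byte without consuming it, so the TLS library or the
 * plain gopher request parser still receives the complete stream. */
int classify_conn(int fd, int dotls)
{
	unsigned char byte0;

	if (recv(fd, &byte0, 1, MSG_PEEK) != 1)
		return T_ERROR;	/* closed or failed before any byte arrived */
	if (byte0 == 0x16 && dotls)	/* 0x16: TLS handshake record type */
		return T_TLS;
	return T_PLAIN;
}

/* Constructed harness: send `data` through a socketpair, classify the other
 * end, and report in *left how many bytes are still readable afterwards. */
int probe(const void *data, size_t len, int dotls, size_t *left)
{
	int sv[2], kind;
	char buf[64];
	ssize_t n;

	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
		return T_ERROR;
	n = len ? write(sv[0], data, len) : 0;
	close(sv[0]);	/* buffered data stays readable, then EOF */
	kind = (n == (ssize_t)len) ? classify_conn(sv[1], dotls) : T_ERROR;
	n = recv(sv[1], buf, sizeof(buf), 0);
	*left = n > 0 ? (size_t)n : 0;
	close(sv[1]);
	return kind;
}

int main(void)
{
	size_t left;
	int kind;

	kind = probe("\x16\x03\x01", 3, 1, &left);	/* constructed TLS record start */
	printf("tls bytes:   kind=%d left=%zu\n", kind, left);
	kind = probe("/scm/geomyidae\r\n", 16, 1, &left);	/* constructed selector */
	printf("plain bytes: kind=%d left=%zu\n", kind, left);
	return 0;
}
```

With dotls off, this sketch falls through to the plain path, following the single condition quoted from main.c.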

