[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: State of Gopher and TLS?

On 26/10/2022 02:40, Steve wrote:
If you are publishing something to the PUBLIC what they heck do you need TLS for?

I should add that TLS not only serves little purpose in the context of publicly available data, but it also adds a false sense of security, as the user might get fooled into thinking he can do whatever he wants without anyone being able to tell.

The above is of course not specific to Gopher, so let's refocus.

Gopher is a poorly designed protocol. I mean, sure, it does *some* things well, but it also comes with a couple of artificial limitations and imposed oddities. The one excellent reason it is around is that besides its drawbacks, it's simple and accessible to any machine, even using software dating from the previous century thanks to its lack of (major) evolution. It effectively acts as a kind of virtual museum.

Embedding some TLS (or other crypto tech) into it would defeat, in my opinion, this one purpose Gopher is good at, because it would make the protocol immediately 1000x more complex and 1000x more CPU-intensive. And, perhaps most important of all - Gopher would loose its transcendental value, since anything TLS-related would be unlikely to survive 10 years because of the ever changing nature of the crypto world.

*** Disclaimer ***

I have been told that I am hostile and unfriendly. That's not my intention, and I am sorry if my messages appear as such. I do have strong opinions, though, and communicating them sometimes ends up looking harsh. Again - not my intention. I only express my personal views, and I am very open to discussion.


Reply to: