Regarding `gemini://` over NaCL (replacing TLS)

[Ciprian Dorin Craciun]

On Tue, Mar 3, 2020 at 9:16 PM solderpunk <solderpunk at sdf.org> wrote:
> On Tue, Mar 03, 2020 at 02:20:57PM +0200, Ciprian Dorin Craciun wrote:
>
> > (Although I think the change of adopting anything besides TLS is
> > closer to 0 at this moment, which I would say is a shame...)
>
> You are pretty well right about this (and I won't even argue too
> strongly the fact that it's kind of a shame).
>
> I really hate to do anything like shutting this line of discussion down,
> especially after you have already invested so much effort into
> implementing a proof of concept.  But the truth is that I think it's too
> late in the game for this kind of change.


Can I still keep this thread "open", at least to give a "theoretical"
alternative?  (Just talking about the alternative, although not using
it, could give us an insight of what might be nice to have in a future
iteration.)

(I don't think I'll be posting much on this, except after I get some
feedback from the cryptographers community.)




> Replacing TLS with *anything* else would completely break every existing
> piece of Gemini software, which is a non-trivial amount, written by many
> different people of varying degrees of continuing activity in the
> project.

It's not like there are hundreds of client and server implementations...  :)




> There is a very real chance that this kind of change would
> introduce a permanent schism between "New Gemini" and "Old Gemini" when
> a subset of servers (in both senses of the word) and clients were not
> updated.  Not only would software break, but I imagine a lot of
> participants in the projet would be unhappy as well.  I worry that the
> community is too small and fraile to survive what would effectively be a
> fork.


This is perhaps true;  although as said, with strong consensus, I
don't think that would happen.

Ciprian.