Regarding `gemini://` over NaCL (replacing TLS)
Ciprian Dorin Craciun
ciprian.craciun at gmail.com
Tue Mar 10 14:02:12 GMT 2020
On Tue, Mar 10, 2020 at 3:55 PM Jason McBrayer <jmcbray at carcosa.net> wrote:
> If we really wanted to go down this route, Noise protocol is more
> comparable to TLS than just using NaCL directly; the Python bindings
> seem only about as complex to use as the Python TLS bindings. The only
> thing is that Noise has libraries for 5 or 6 languages, compared to how
> ubiquitous TLS is.
In the interim I've documented my proposal, including a clear diagram,
used functions from libsodium and an assessment:
* https://github.com/cipriancraciun/gemini-experiments/blob/master/nacl/documentation/protocol-v1.md
* https://github.com/cipriancraciun/gemini-experiments/blob/master/nacl/documentation/libsodium-internals.md
Now, regarding the Noise protocol, as you've observed there aren't
many implementations of it; however on the other side the Noise
protocol is actually a "blueprint" of how to implement secure
communication protocols and doesn't actually specify any cryptographic
primitives; thus all the existing libraries are either incompatible
with each other or are quite unintelligible (I've looked at a few
Rust-based implementations and I wouldn't know where to start using
them).
On the other side my proposal was to get "inspired" from the Noise
protocol, and then try to provide a simple and clear "recipe" based on
that.
Ciprian.