Mercury
Sean Conner
sean at conman.org
Fri Jun 26 23:32:19 BST 2020
It was thus said that the Great defdefred once stated:
> On Thursday 25 June 2020 23:23, <paper at tilde.institute> wrote:
> > not really, VPN is only moving the problem to a different state/company,
> > then the traffic would be plain text. The solution would be a VPN to the
> > gemini server, but basically that's called TLS xD
>
> True, but a VPN is created to serve multiple requests.

Yes and no. A VPN is *not* at all like HTTPS or Gemini. It is *not* used
for program to program communication (the TCP layer) but computer to
computer communication (the IP layer). Technically, a VPN routes IP (the
packets of which are encrypted) over IP (the packets of which are regular,
unencrypted packets) and looks like a router. Normally, traffic would go:

    [program1 -> data -> TCP -> IP -> client] (1st computer)
        -> router -> router -> ... router ->
    [server -> IP -> TCP -> data -> program2] (2nd computer)

A VPN does this:

    [program1 -> data -> TCP -> IP -> VPN endpoint -> client] (1st computer)
        -> router -> router ... -> router ->
    [VPN endpoint] (2nd computer)
        -> router -> router ... -> router ->
    [server -> IP -> TCP -> data -> program2] (3rd computer)

I.E., a VPN is just a fancy router. The server never knows (nor cares)
about the VPN.

> Maybe wireguard to the gemini server is the way to go :-)

Stop trying to sell it as a TLS alternative---it *ISN'T!*

-spc
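
Added example, not part of the message above or of any Gemini software: a small Python model of the two diagrams that builds the IP packets and reports what an on-path router sees on each leg, with and without application-layer encryption. The addresses, keys, request, the toy_cipher stand-in (not a real cipher), the use of protocol number 253, and reusing the client address for the inner and outer source are all assumptions made for illustration.

```python
import hashlib, socket, struct

# Constructed documentation addresses and keys; nothing here comes from the thread.
CLIENT, VPN, SERVER = "192.0.2.10", "198.51.100.1", "203.0.113.7"
TUNNEL_KEY, TLS_KEY = b"constructed tunnel key", b"constructed session key"
REQUEST = b"gemini://example.org/\r\n"

def toy_cipher(key, data):
    """Stand-in for a real cipher (SHA-256 keystream XOR). Not secure."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack("!I", i)).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def tcp(payload, sport=49152, dport=1965):
    """20-byte TCP header (PSH+ACK, checksum left 0) followed by the data."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18,
                       65535, 0, 0) + payload

def ipv4(src, dst, proto, payload):
    """20-byte IPv4 header (checksum left 0) followed by the payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src),
                       socket.inet_aton(dst)) + payload

def observe(pkt):
    """What an on-path router learns from one packet."""
    return {"dst": socket.inet_ntoa(pkt[16:20]), "proto": pkt[9],
            "sees_request": REQUEST in pkt[20:]}

def legs(app_data, use_vpn):
    """Return the observer's view on each leg of the path."""
    inner = ipv4(CLIENT, SERVER, 6, tcp(app_data))
    if not use_vpn:
        return [observe(inner)]
    # Leg 1: inner IP packet encrypted and carried inside an outer IP packet.
    # Protocol 253 is the IANA "experimentation" number, used as a placeholder.
    outer = ipv4(CLIENT, VPN, 253, toy_cipher(TUNNEL_KEY, inner))
    # Leg 2: the VPN endpoint decrypts and forwards the inner packet unchanged.
    forwarded = toy_cipher(TUNNEL_KEY, outer[20:])
    return [observe(outer), observe(forwarded)]

if __name__ == "__main__":
    print("VPN, plaintext app data:", legs(REQUEST, use_vpn=True))
    print("No VPN, app-layer encryption:", legs(toy_cipher(TLS_KEY, REQUEST), False))
```

With the VPN alone, the request is hidden only on the leg to the VPN endpoint and is readable again on the leg from the endpoint to the server; encrypting the application data keeps it hidden on every leg.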