Ditching mandatory TLS

Sean Conner sean at conman.org
Sat Jul 4 22:12:17 BST 2020

Previous message (by thread): Ditching mandatory TLS
Next message (by thread): Ditching mandatory TLS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It was thus said that the Great Drew DeVault once stated:
> Unpopular opinion time: Gemini should not have mandatory TLS.
> 
> - TLS is not conveinent for local development
> - TLS is inherently dependent on a centralized oligarchy of CAs
> - Baking TLS into the protocol is going to be a bad look when The Next
>   TLS comes out
> - Some alternative modes of internet access have built-in encryption
>   guarantees: yggdrasil, cjdns, Tor; and for these adding TLS is
>   redundant (and arguably worse)

  I won't argue that TLS is a bad choice, but before throwing out
alternatives like yggdrasil, cjdns or noise, instead *just implement the
damn thing* [1][2]---write both a Gemini server and client (for bonus
points---implement ALL THE ENCRYPTIONS!) so the rest of us can see how easy
it is, and *then* we can have an actual discussion about transitioning away
from TLS (or including other mechanisms).

  This has already been done once:

	https://lists.orbitalfox.eu/archives/gemini/2020/000457.html

and the follow-up:

> ####  About my previous proposal
> 
> I'll have to think harder about it (within my limited cryptographic
> expertise), and perhaps submit it to a cryptographers community for
> feedback.
> 
> At the moment I can see only a minor privacy flaw in it:  the client
> discloses its identity (and proof of identity) to any server;  instead
> it should first wait for the server to disclose its identity (and
> proof of identity) before proceeding.
> 
> This issue stems from the fact that the ransport_prepare function
> is "symmetrical" and tries to reduce network round-trips;  instead the
> client could first wait for the server verifier and then send its own
> (i.e. just a minor change to that function).

	(https://lists.orbitalfox.eu/archives/gemini/2020/000477.html)

  -spc (Note:  not much from Ciprian since then ... )

[1]	I disagreed with solderpunk about the status codes when he first
	proposed Gemini.  In stead of hashing it out over months, I just
	went ahead and wrote a Gemini server with the status codes I thought
	it should have.  We then spent a few months hashing it out, but at
	least there was an implementation (or two by the time the discussion
	came to an end) backing up the argument(s).

[2]	This applies to anyone, not just Drew.

Previous message (by thread): Ditching mandatory TLS
Next message (by thread): Ditching mandatory TLS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list