Designing a simpler alternative to TLS
Scot
gmi1 at scotdoyle.com
Sat Nov 21 13:31:02 GMT 2020
On 11/20/20 8:53 PM, Adnan Maolood wrote:
> I've been working on a simpler alternative to TLS, mostly for fun and
> also as a learning exercise to have a better understanding of how TLS
> works.
>
> You can find it here:
> https://sr.ht/~adnano/miso/
>
> Obviously this has not undergone any security audits, so don't use it
> for anything serious.
>
> Biggest differences from TLS:
>
> - No certificate authorities; use TOFU instead
> - No version negotiation
> - No session resumption
> - Encrypted server name indication
> - Much simpler
>
> Let me know what you think!
# 2.1 Protocol Overview
Application Data:
C <- Status 0 <- S
C <- App Data <- S
C -> Status 0 -> S
C -> App Data -> S
...
C <- Status 1 <- S
-- Connection closed
## 2.4 Close Notify
The client and server MUST send the status code FINISHED before closing the connection.
2.1 shows only the server sending a 'finished' status, but 2.4 says both sides must do so?
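
Added example (not part of the original email or of the miso project): a small Python checker that replays a message flow under the two readings raised above, with 2.4 applied to both peers versus a single FINISHED as drawn in 2.1. The tuple format, the names, and the mapping of status 1 to FINISHED are assumptions taken from the diagram, not miso's wire format.

```python
from dataclasses import dataclass, field

# Status values as read from the 2.1 diagram (assumption, not miso's encoding).
DATA, FINISHED = 0, 1


@dataclass
class CloseTracker:
    """Tracks, per sender, whether FINISHED was seen before the transport closed."""
    finished: dict = field(default_factory=lambda: {"C": False, "S": False})
    errors: list = field(default_factory=list)

    def record(self, sender, status):
        if sender not in self.finished:
            raise ValueError(f"unknown sender {sender!r}")
        if self.finished[sender]:
            # Nothing may follow a peer's own FINISHED.
            self.errors.append(f"{sender} sent status {status} after FINISHED")
        elif status == FINISHED:
            self.finished[sender] = True
        elif status != DATA:
            self.errors.append(f"{sender} sent unknown status {status}")

    def close(self, both_sides_required):
        """Return the problems visible at the moment the transport closes."""
        problems = list(self.errors)
        missing = [s for s, done in self.finished.items() if not done]
        if both_sides_required:
            problems += [f"{s} closed without FINISHED" for s in missing]
        elif len(missing) == 2:
            problems.append("connection closed without any FINISHED")
        return problems


def check(transcript, both_sides_required=True):
    tracker = CloseTracker()
    for sender, status in transcript:
        tracker.record(sender, status)
    return tracker.close(both_sides_required)


# Constructed transcripts of (sender, status) pairs.
DIAGRAM_2_1 = [("S", DATA), ("C", DATA), ("S", FINISHED)]                    # flow drawn in 2.1
BOTH_FINISH = [("S", DATA), ("C", DATA), ("S", FINISHED), ("C", FINISHED)]   # 2.4 read literally
TRUNCATED = [("S", DATA), ("C", DATA)]                                       # transport dropped early
```

Under the strict reading the 2.1 flow itself is reported as a violation by the client, which is the inconsistency the question points at; under either reading the truncated flow is flagged.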