[tech] Plaintext Gemini extension

Stephane Bortzmeyer stephane at sources.org
Wed Mar 10 08:31:50 GMT 2021


On Wed, Mar 10, 2021 at 09:18:14AM +0100,
 Artur Honzawa <arturh at gmail.com> wrote 
 a message of 25 lines which said:

> Add gemini-plaintext: schema for servers without TLS support.

Each time you have two security levels (encrypted and unencrypted),
besides added complexity, you have the problem of downgrade attacks
<https://en.wikipedia.org/wiki/Downgrade_attack>. These attacks have
plagued all protocols with both an encrypted nd unencrypted version
(SMTP…), that's why HTTP/3 (and Gemini!) only have one version.



More information about the Gemini mailing list