[tech] Plaintext Gemini extension

Artur Honzawa arturh at gmail.com
Wed Mar 10 09:13:33 GMT 2021


Thanks Björn, I totally get that. Nevertheless, isn't the protocol still
vulnerable to first connection MITM attacks?

On Wed, Mar 10, 2021 at 9:54 AM Björn Wärmedal <bjorn.warmedal at gmail.com>
wrote:

> On Wed, 10 Mar 2021 at 09:18, Artur Honzawa <arturh at gmail.com> wrote:
> >
> > It probably has been proposed before, but this is how I could see it
> working:
> >
> > Serve rot13 encoded stream in port 1964 as fallback for clients without
> TLS support.
> >
> > Add gemini-plaintext: schema for servers without TLS support.
> >
> > Low implementation burden overall, old hardware support. Thoughts?
>
> All current gemini servers and clients support TLS, and the presence
> of encryption is a cornerstone of gemini. If you don't want it you can
> use gopher instead :)
>
> Supporting old hardware is a noble goal, but I'd say that's better
> achieved by building a proxy service somewhere that serves gemini
> capsules over http.
>
> Cheers,
> ew0k
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20210310/a1e179b2/attachment.htm>


More information about the Gemini mailing list