I've had conversations with at
least two geminiers lately,
zdrmonster and anthonyg. It
highlights that I should have a
friendlier tone with gemini
people, who are pretty cool, and
share my musings about security.
I'm not looking up or into any
attacks or kinds of attack. (Great
security phost, I know.)

Gopher's strength is the
tremendous beauty and power of
internetworked gopherholes
combined with the minimal elegance
of the gopher singular. You make a
TCP connection, the server says
nothing, the client sends the item
specifier string, the server
replies with the item and the
client closes the connection when
it thinks the item is finished.
The end. Sure, gophernicus will
automatically give ogg files the
unofficial s itemtype, which lynx
supports, but basically the thing
about gopher is that it's not
going to change, and it does
almost nothing. Ldbeth likes to
point out that openbsd netcat is a
fine gopher browser.

From what I can tell, gemini
sacrifices this elegance to gain
two-ish things. Instead of making
directories with lots of
unofficial itemtype i
informational lines in order to
have interspersed gophermap item
lines (links), gemini just
supports link lines in general,
and some gemini markdown styling.
Secondly and moreso firstly,
gemini supports https.

I think informational lines do
fine in gopher directories and
searches, and attaching a markdown
to the standard is feature creep.
However the standard is such that
gemini markdown files are
acceptable stylistic text files,
and there is relatively little
usage difference when using emacs
elpher-mode to browse either.

https is a combination of two
things. Firstly, there's a
whitelist of internet sites that
you can get a domain name onto by
periodically providing control of
your server to the whitelist
managers. Google, Microsoft, Apple
and Mozilla will spam you and try
to trick you (whether or not
appropriate) into not visiting
unwhitelisted websites. Every time
you visit a domain, you contact
the whitelist people over the
internet to check if they think
you should visit that domain. The
domain you are visiting is
recoverable from your https
request in general anyway. If you
trust the whitelist managers more
than some other people, there are
gains to the newish DNS over
HTTPS.

There is also the second, sincere
benefit of https; there's a
process for negotiating session
encryption with the server you
have connected to, so only the
server knows which page in
particular you are visiting.
Imagine those safe links companies
provide that are private from
others unless shared; they're
talking about it being https. If
the https negotiation is suitably
strict, information can be shared
only with the trusted server. This
comes at the cost of needing to do
complicated negotiations, which
open up extra avenues for
datascraping/profiling among
problems, which is at least
counter to the intuition that it
was safer.

Whitelisting can sod off in my
opinion, by providing
unaccountable trust to someone you
don't know doubly so. However,
having a form of authentication
and encryption at all is a big
deal. Let's try and apply it to
downloading music from a gopher.
Imagine you make a gopher request
specifying a music file. Someone
who wishes you ill gets in the
middle of the request and sends
you back a music file that can
crash your music player or cause
other problems instead of the real
one. Even if not sabotaging you
like this, basically every company
and government is cyberstalking
you in order to sell private facts
about you (this is used on normal
people in real life! It's worse
than you think.)
GNU Privacy Guard (or a crypto
signing equivalent like
signify(1)) can provide
strong-enough signing to mitigate
the bad file sabotage problem,
though this connects back to the
whitelisting problem - you can't
just download a public key, what
if it was a sabotaged public key.
You need to get to know the key
owner well enough to establish it
is really their key, in a libOTR
sort of way (using a contextual
question to establish you're
talking to the right person at the
start of an encrypted
conversation). This is a good
point, and I will try to roll out
signing everything on my gopher,
synth music links included. I can
do this without freezing a
security norm as part of the
standard, leading to travesties
like supported https versions that
are known not to be secure.
Also I hope I can be friends with
the geminiers even though I stay a
gopher.
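
Added example, not part of the original post: the gopher transaction described above (connect, send the selector, read until the server closes), with the fetched item rejected unless it matches a SHA-256 digest obtained out of band. The digest pin is a standard-library stand-in for the signify(1) or GnuPG signature check the post proposes; the selector, sample bytes and local one-shot server are constructed for the demo.

```python
import hashlib
import socket
import threading

def gopher_fetch(host, port, selector, timeout=5.0):
    """One gopher transaction: connect, send selector + CRLF, read until close."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(selector.encode("utf-8") + b"\r\n")
        # The server says nothing first; an empty recv() means it closed.
        return b"".join(iter(lambda: sock.recv(4096), b""))

def fetch_checked(host, port, selector, pinned_sha256):
    """Fetch an item and refuse it unless it matches the pinned digest."""
    body = gopher_fetch(host, port, selector)
    if hashlib.sha256(body).hexdigest() != pinned_sha256:
        raise ValueError("item does not match the pinned digest; discarding")
    return body

def serve_once(items):
    """Constructed local stand-in for a gopher server; answers one request."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def handle():
        conn, _ = srv.accept()
        with conn, srv:
            line = b""
            while not line.endswith(b"\n"):
                chunk = conn.recv(1024)
                if not chunk:
                    break
                line += chunk
            selector = line.rstrip(b"\r\n").decode("utf-8")
            conn.sendall(items.get(selector, b"3not found\r\n"))

    threading.Thread(target=handle, daemon=True).start()
    return port

# Constructed sample data: the real file and what a middleman might substitute.
SELECTOR = "/music/synth.ogg"
REAL = b"OggS constructed sample audio bytes"
TAMPERED = b"OggS constructed substitute bytes"
PINNED = hashlib.sha256(REAL).hexdigest()  # assumption: learned via a trusted channel

if __name__ == "__main__":
    port = serve_once({SELECTOR: REAL})
    print(len(fetch_checked("127.0.0.1", port, SELECTOR, PINNED)), "bytes accepted")
```

Unlike a signature, a pinned digest has to be re-obtained for every new file, so it illustrates the check but not the key-trust step the post discusses.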