On Thu, May 14, 2020 at 04:27:25PM -0700, Dave Huseby wrote:

> What I don't like the most about TLS is the complexity due to backwards compatibility and protocol negotiation.

I totally get this. I really want to spec TLS 1.3 as the bare minimum permitted for Gemini because it gets rid of a lot of that complexity. Web browsers can't afford to do this because they need to support all the old servers out there. We don't have that legacy and could start with a clean slate of a simpler, less fiddly TLS. All that holds me back is that this would rule out a lot of otherwise very compelling TLS libraries which don't yet have TLS 1.3 support.

Cheers,
Solderpunk

> I still look forward to your post.
>
> Cheers!
> Dave
>
> On Thu, May 14, 2020, at 2:23 PM, solderpunk wrote:
> > On Thu, May 14, 2020 at 02:09:04PM -0700, Dave Huseby wrote:
> >
> > > I surely will. I'm curious about your thinking.
> >
> > I'm not sure you'll be completely sold, but I hope you'll see where I'm
> > coming from.
> >
> > To try to boil it all down: I absolutely agree that TLS has problems
> > and I don't doubt that other things, like CurveCP, might overcome or
> > avoid a lot of them. But I believe something built on TLS is
> > overwhelmingly more likely to be widely implemented and deployed than
> > something based on literally anything else, and at the end of the day
> > I think a good but not perfect protocol which becomes widely used and
> > supported will do a lot more good for the internet than a "perfect"
> > protocol which never becomes more than a curiosity for a small
> > community of enthusiasts.
> >
> > This is not to say I don't think anything "strange and new" can *ever*
> > "catch on" or that I think any such efforts are a waste of time. I wish
> > all the radical projects aiming at lofty goals all the luck in the
> > world, sincerely. But there's a valid niche for something not quite so
> > radical which can still be a real and valuable improvement over the
> > status quo with very low barriers to adoption.
> >
> > Cheers,
> > Solderpunk