Updated recommendations regarding TOFU & TLS



> On Mar 4, 2021, at 18:45, Drew DeVault <sir at cmpwn.com> wrote:
> 
> https://en.wikipedia.org/wiki/Trust_on_first_use
> 
> See also section 4.2 of the Gemini specification:

Gemini keeps on repeating 'tofu', 'tofu', 'tofu' - like a talisman.

And each and every client understands it differently - if at all.

To add insult to injury, it's purely optional. Optional! While TLS is mandatory!

It's fantastic that servers generate certificates on the fly - trivial things first.

But then what? What's the operating model? Specifically. Consistently. Across the board.

If each client-server pair has its own view on how to handle TLS -
then Gemini has nothing at all.

Just a giant mess. With mandatory TLS pain for everyone.

I don't get it.

So be it. 

