https://www.reddit.com/r/geminiprotocol/comments/1i2flyp/why_encrypt/
created by tinspin on 16/01/2025 at 03:16 UTC*
0 upvotes, 1 top-level comments (showing 1)
Since the whole point with the markdown is to share information why do you need to encrypt it at all?
I understand that Tox needs encryption because you have private exchange, but for a information sharing platform only auth is required?
Much simpler to just use https://datatracker.ietf.org/doc/html/rfc2289[1] for that no?
1: https://datatracker.ietf.org/doc/html/rfc2289
Comment by shavetheyaks at 16/01/2025 at 08:58 UTC
3 upvotes, 2 direct replies
It's probably mostly that TLS is very mature with multiple open source libraries, has bindings in most modern languages, and has a wider range of capabilities than something that's just an auth protocol. It can verify identities in both directions, supports compression, session resumption, there's certificate infrastructure in place already, and everyone's familiar with it.
Also, sometimes encryption is required. Could be communicating through censorship/surveillance, or just as simple as something you don't necessarily need everyone else to see.
In a world where everything is unencrypted by default, encrypted traffic sticks out. Even if the contents can't be eavesdropped, it can be known that one particular conversation between two parties was important enough to hide - and that might be enough to cause damage. But if everything is encrypted...
And encryption doesn't get in the way of information exchange (since eavesdropping is not the way polite society exchanges information), so there's no harm to that goal.