💾 Archived View for rawtext.club › ~sloum › geminilist › 001959.gmi captured on 2020-10-31 at 02:37:56. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2020-09-24)
-=-=-=-=-=-=-
Sean Conner sean at conman.org
Fri Jun 26 23:32:19 BST 2020
- - - - - - - - - - - - - - - - - - -
It was thus said that the Great defdefred once stated:
On Thursday 25 June 2020 23:23, <paper at tilde.institute> wrote:
not really, VPN is only moving the problem to a different state/company,
then the traffic would be plain text. The solution would be a VPN to the
gemini server, but basicaly that's called TLS xD
True, but a VPN is created to serve multiple requests.
Yes and no. A VPN is *not* at all like HTTPS or Gemini. It is *not* usedfor program to program communication (the TCP layer) but computer tocomputer communciation (the IP layer). Technically, a VPN routes IP (thepacket of which are encrypted) over IP (the packets of which are regular,unencrypted packets) and looks like a router. Normally, traffic would go:
[program1 -
data -
TCP -
IP -
client] (1st computer) -
router -
router -
... router -
[server -
IP -
TCP -
data -
program2] (2nd computer)
A VPN does this:
[program1 -
data -
TCP -
IP -
VPN endpoint -
client] (1st computer) -
router -
router ... -
router -
[VPN endpoint] (2nd computer) -
router -
router ... -
router -
[server -
IP -
TCP -
data -
program2] (3rd computer)
I.E., a VPN is just a fancy router. The server never knows (nor cares)about the VPN.
May be wireguard to the gemini server is the way to go :-)
Stop trying to sell it as a TLS alternative---it *ISN'T!*
-spc