Archived View for gem.benscraft.info › mailing-list › threads › 173 captured on 2021-12-05 at 23:47:19. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
- Jason McBrayer <jmcbray at carcosa.net>
@ Thu, 08 Apr 2021 11:20 -0400
In reply to
────────────────────────────────────────────────────────────────────────────────
Mansfield writes:
https://ondollo.com/mansfield currently offers free gemini hosting.
Thanks for asking, and thanks for writing up something to help
newcomers!
Hi! I'm deeply ambivalent about recommending your application to new
users. On the one hand, your app does *almost exactly* what I think is
the Right Thing for Gemini publishing: provide a unified native app for
both reading and publishing, with integrated account creation. I
honestly want to commend you for that.
On the other hand, neither your client nor your server are Free
Software. I can't really recommend to new users to run an untrusted
binary that I can't provide any security/privacy assurances for. Despite
my interest, I haven't even run it myself, for that reason.
Likewise, the client locks the user into using your server for
publishing. While that's certainly the easiest approach starting out,
I'd rather see an open standard for registration and publishing,
preferably using existing protocols.
Again, thanks for doing this experiment, because I think it's the right
direction for things to go; I just can't recommend it to new users at
this time.
--
Jason McBrayer | “Strange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.”
| — Robert W. Chambers, The King in Yellow
────────────────────────────────────────────────────────────────────────────────
- Mansfield <mansfield at ondollo.com>
@ Thu, 08 Apr 2021 11:52 -0600
In reply to Jason McBrayer <jmcbray at carcosa.net>
────────────────────────────────────────────────────────────────────────────────
On Thu, Apr 8, 2021 at 9:20 AM Jason McBrayer <jmcbray@carcosa.net> wrote:
Mansfield writes:
> https://ondollo.com/mansfield currently offers free gemini hosting.
> Thanks for asking, and thanks for writing up something to help
> newcomers!
Hi! I'm deeply ambivalent about recommending your application to new
users. On the one hand, your app does *almost exactly* what I think is
the Right Thing for Gemini publishing: provide a unified native app for
both reading and publishing, with integrated account creation. I
honestly want to commend you for that.
Thanks! I think we're meeting our original objective in providing something
that goes from nowhere to creating content in Geminispace with as little
work or explanation as possible. That's awesome that you feel that way too.
On the other hand, neither your client nor your server are Free
Software. I can't really recommend to new users to run an untrusted
binary that I can't provide any security/privacy assurances for. Despite
my interest, I haven't even run it myself, for that reason.
Yeah, the untrusted part is something we're still working through. I doubt
I would run it myself if I hadn't written it! :-D
I also think that paying to sign the binaries would still *not* be enough,
right? At least, from my perspective (imagining I hadn't written it) I
would still not trust the client or server.
Likewise, the client locks the user into using your server for
publishing. While that's certainly the easiest approach starting out,
I'd rather see an open standard for registration and publishing,
preferably using existing protocols.
Interesting perspective... I think I would have characterized it
differently, but that's OK. When you mention 'using existing protocols', I
would assume you mean SSH - is that what you were meaning?
Again, thanks for doing this experiment, because I think it's the right
direction for things to go; I just can't recommend it to new users at
this time.
--
Jason McBrayer | “Strange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.”
| — Robert W. Chambers, The King in Yellow
Makes sense. I'll keep chipping away at something to see if progress can be
made.
I think, from your perspective, you're looking for something that is...
open source... and that uses a more standard approach for registering and
publishing, right?
Maybe if the client were written to run in the browser? But then the server
wouldn't be open... humm... though... I'm curious... is there *any* server
that is running where the code being run can be verified? I could see
someone saying, "I'm running the open source version of FOO as the server",
but they could have tweaked it to be FOO' or something... thoughts?
Again - thanks! We'll keep thinking about this.
────────────────────────────────────────────────────────────────────────────────
- Jason McBrayer <jmcbray at carcosa.net>
@ Fri, 09 Apr 2021 09:44 -0400
In reply to Mansfield <mansfield at ondollo.com>
────────────────────────────────────────────────────────────────────────────────
Mansfield writes:
I also think that paying to sign the binaries would still *not* be
enough, right? At least, from my perspective (imagining I hadn't
written it) I would still not trust the client or server.
It's hard to say. I lean towards no... I know on proprietary OSes that
people do normally download and run signed binaries, and that this is
the level of trust that's normal to them. But so far, I haven't
recommended anything that's not Free Software...
Likewise, the client locks the user into using your server for
publishing. While that's certainly the easiest approach starting out,
I'd rather see an open standard for registration and publishing,
preferably using existing protocols.
Interesting perspective... I think I would have characterized it
differently, but that's OK. When you mention 'using existing
protocols', I would assume you mean SSH - is that what you were
meaning?
SSH would in some ways be the best option. It's secure, and easy for the
server admins to set up and permission. But it makes a cross-platform
client harder, particularly on Windows (no vendor-supplied scp binary,
and it's known to be very hard to build libssh2 there). FTP is an
option, but it has privacy/security issues, and supporting libraries
often don't support FTPS. There's a case to be made for using HTTPS,
honestly, but I'd like to avoid web platform stuff by default (i.e.,
unless it's clearly the best choice).
I think, from your perspective, you're looking for something that
is... open source... and that uses a more standard approach for
registering and publishing, right?
Yes. I'm actually working In My Copious Free Time on a standard and
a reference implementation for doing this, but I wouldn't expect real
fast progress. It's just at the thinking and taking notes stage.
Maybe if the client were written to run in the browser?
There are actually several browser-based Gemini posting options
(midnight.pub, gemlog.blue, flounder.online), but I'm interested in
native apps, in the interest of fully decoupling from the WWW.
But then the server wouldn't be open... humm... though... I'm
curious... is there *any* server that is running where the code being
run can be verified? I could see someone saying, "I'm running the open
source version of FOO as the server", but they could have tweaked it
to be FOO' or something... thoughts?
Most Gemini servers are FLOSS, but yes, there's no way to verify that
the code running on the server is exactly the public released code. I
don't see this as quite as essential as being able to trust the client
code, because if you're hosting your documents on someone else's server,
you've got to trust them to a certain extent anyway, and you're not
letting someone run code on your machine, with potential access to your
data that you haven't shared.
--
Jason McBrayer | “Strange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.”
| — Robert W. Chambers, The King in Yellow
────────────────────────────────────────────────────────────────────────────────
- almaember <almaember at disroot.org>
@ Fri, 09 Apr 2021 16:18 +0200
In reply to Jason McBrayer <jmcbray at carcosa.net>
────────────────────────────────────────────────────────────────────────────────
On Fri, 09 Apr 2021 09:44:01 -0400
Jason McBrayer <jmcbray@carcosa.net> wrote:
SSH would in some ways be the best option. It's secure, and easy for
the server admins to set up and permission. But it makes a
cross-platform client harder, particularly on Windows (no
vendor-supplied scp binary, and it's known to be very hard to build
libssh2 there).
Actually, Windows 10 now comes with OpenSSH by default, and it has the
SCP command that can be used the same way you'd use it on Unices.
And since essentially all the other MSWindows versions are unsupported
(except for 8.1, which, let's be real, nobody uses).
So that shouldn't be a big problem.
~almaember
────────────────────────────────────────────────────────────────────────────────
- Jason McBrayer <jmcbray at carcosa.net>
@ Fri, 09 Apr 2021 11:25 -0400
In reply to almaember <almaember at disroot.org>
────────────────────────────────────────────────────────────────────────────────
almaember writes:
Actually, Windows 10 now comes with OpenSSH by default, and it has the
SCP command that can be used the same way you'd use it on Unices.
That's good to know, though I get the feeling that Windows 7 is more
widely used than is probably healthy.
Libssh2 would be *nicer*, but it's good to know that you can shell out
to scp on Windows 10 at worst.
--
Jason McBrayer | “Strange is the night where black stars rise,
jmcbray@carcosa.net | and strange moons circle through the skies,
| but stranger still is lost Carcosa.”
| — Robert W. Chambers, The King in Yellow
────────────────────────────────────────────────────────────────────────────────
- nervuri <nervuri at disroot.org>
@ Thu, 15 Apr 2021 13:32 +0000
In reply to Mansfield <mansfield at ondollo.com>
────────────────────────────────────────────────────────────────────────────────
On Thu, 2021-04-08, Mansfield wrote:
I'm curious... is there *any* server that is running where the code
being run can be verified? I could see someone saying, "I'm running the
open source version of FOO as the server", but they could have tweaked
it to be FOO' or something... thoughts?
Look into remote attestation - TPM-based cryptographic assurance that
remote code is what it's supposed to be. It's a DRM-type scheme,
relying on a secret key being stored in hardware, so it's not ultimately
trustworthy, but it does raise the bar. Signal makes use of the Intel
SGX variant [1], although it has its share of problems [2].
SGX allows applications to provision a “secure enclave” that is
isolated from the host operating system and kernel, similar to
technologies like ARM’s TrustZone. SGX enclaves also support remote
attestation. Remote attestation provides a cryptographic guarantee of
the code that is running in a remote enclave over a network.
An SGX enclave on the server would enable a service to perform
computations on encrypted client data without learning the content of
the data or the result of the computation.
[1] https://signal.org/blog/secure-value-recovery/#deus-sgx-machina
[2] https://medium.com/@maniacbolts/signal-increases-their-reliance-on-sgx-f46378f336d3
As for your application, I agree with Jason McBrayer: good idea, but I
would not use or recommend it unless it is libre software.
────────────────────────────────────────────────────────────────────────────────
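Added example, not part of the thread and not code from any project mentioned in it: a simplified Go model of the remote attestation check nervuri describes, applied to the "FOO vs FOO'" question. The names `extend`, `makeQuote` and `verify`, the sample binaries and the demo key are constructed for illustration. Assumptions: an Ed25519 key stands in for the hardware-held attestation key, the measurement uses a TPM-style extend, and real TPM or SGX quote formats differ.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// extend models a TPM PCR extend: new = SHA-256(old || SHA-256(data)).
func extend(pcr [32]byte, data []byte) [32]byte {
	d := sha256.Sum256(data)
	return sha256.Sum256(append(pcr[:], d[:]...))
}

// quote: measurement plus the verifier's nonce, signed by the hardware-held key.
type quote struct {
	PCR   [32]byte
	Nonce []byte
	Sig   []byte
}

func makeQuote(hwKey ed25519.PrivateKey, pcr [32]byte, nonce []byte) quote {
	return quote{pcr, nonce, ed25519.Sign(hwKey, append(pcr[:], nonce...))}
}

// verify checks the signature, freshness, and the expected measurement.
func verify(hwPub ed25519.PublicKey, q quote, nonce []byte, want [32]byte) error {
	if !ed25519.Verify(hwPub, append(q.PCR[:], q.Nonce...), q.Sig) {
		return fmt.Errorf("bad signature")
	}
	if !bytes.Equal(q.Nonce, nonce) {
		return fmt.Errorf("stale nonce: replayed quote")
	}
	if q.PCR != want {
		return fmt.Errorf("measurement mismatch: not the published build")
	}
	return nil
}

func main() {
	hwKey := ed25519.NewKeyFromSeed(make([]byte, 32)) // constructed demo key
	hwPub := hwKey.Public().(ed25519.PublicKey)
	want := extend([32]byte{}, []byte("FOO v1.0 release binary")) // constructed
	nonce := []byte("verifier-nonce-1")
	for _, served := range []string{"FOO v1.0 release binary", "FOO' patched binary"} {
		q := makeQuote(hwKey, extend([32]byte{}, []byte(served)), nonce)
		fmt.Printf("%-26s -> %v\n", served, verify(hwPub, q, nonce, want))
	}
}
```

The check is only as strong as the secrecy of `hwKey`: anyone who extracts it can sign a quote for any measurement, which is the limitation nervuri points out.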