💾 Archived View for gemini.ctrl-c.club › ~TomDotTom › tinylog.gmi captured on 2022-06-03 at 23:38:24. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-04-29)
-=-=-=-=-=-=-
author: @TomDotTom
try and learn it. The best resources I've found so far are:
A gemini toki pona <-> English translator
Codes (or Message Authenticity Codes). One of the most interesting ideas
I stumble across was the 'Hash Chain' which can produce a fintite set of MAC
secrets.
seems little point to not just use full encryption to secure a message. This
in turn had led me down a QUIC rabbit hole as packet encryption is a core part
of the protocol. One of the better introductions to QUIC is CloudFlare post
'The Road to QUIC'. And if you want to dive in deeper you might as well
watch the 3hr 'QUIC Protocol Tutorial'.
QUIC Protocol Tutorial - SIGCOMM 2020
solutions.
lookup you are almost always looking up the address of a proxy server. URLs
server a dual function as a proxy IP lookup address, and an appliaction routing
address for the proxy. No reason for this to be the case, and you could create
an application level protocol around this idea.
on a modular browser. @yeti pointed out that the Dillo browser was designed to be
extensible via plugins, and that a couple of gemini plugins exist.
enthusiasts I've landed on the ideas of the "Faithless Browser" or "Disloyal
User-Agent" (DUA). The basic premise is that they are supposed to represent
the users interests but through default behaviour can actual represent a
servers interests (think Cookies).
completeness has been compromised by mandating the use of TLS and making
client certs a first class concern. A DUA could add metadata into a client cert
and work around the lack of headers in the Protocol. Establishing standard server
behaviour in popular software by getting them to return a 63 CERTIFICATE METADATA ABUSE
might encourage good behaviour.
gemini://gemini.ctrl-c.club/~TomDotTom/gemlog/2022-04-25-A-Tiny-Bash-Gemini-Client.gmi
gemini://gemini.ctrl-c.club/~TomDotTom/gemlog/2022-04-27-A-Tiny-Bash-Spartan-Client.gmi
Currently have a server and client state machine which are very similar, but
not perfectly asymetric. I'm not sure if it would be better if they were
symetric. Interestingly I'm having to think quite hard about where the
protocol's concerns ends and a client/servers concerns start.
library for gemini. Took inspiration from the python-hyper http projects, and
a MicroMike's socks5 project. Got as far as implementing the Client role, and
then used this to create an example python Gemini client. Will have to wait
until next weekend to clean up and post to a tilde git repo.
h11: A pure-Python HTTP/1.1 protocol library
h2: A pure-Python HTTP/2 protocol stack
A pure-Python socks5 protocol library
It's very likely I'll go back and listen to the series a second time just
to let everything sink in.
Clear and Present Danger: A History of Free Speech
have just reimplemented something similar in Python using the subscription
spec. Ctrl-C users can find it in my bin dir.
https://gemini.circumlunar.space/docs/companion/subscription.gmi
also suffers from exposed git repos (the .git is readable). I suspect it
won't be long before a gemini version of GitTools appears.
GitTools for pwn'ing sites with exposed git repos
on irc.tilde.chat#ctrl-c and had a chat about the software.
of exposed .git dirs.
capsule. I'm undecided whether using Joanathan Swan's satirical style to
comment on the state computing is genius or madness. Even worse it keeps
going over my head and I can't tell if I'm ignorant of the real science
behind the proposed Houyhnhnm technology, or if it's all just sci-fi, I'd
bet on the former.
working only to find it very quite in there.