💾 Archived View for stacksmith.flounder.online › gemlog › 2021-10-22.TLS_and_TOFU.gmi captured on 2023-04-19 at 22:28:21. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-07-16)
-=-=-=-=-=-=-
I love Gemini, but it is important to question the premises and understand the details.
TLS presumably eliminates man-in-the-middle attacks and makes snooping impossible. Keys are exchanged, an encrypted channel transfers the data. The technology is solid.
TOFU (Trust of First Use) is a bit of a weak spot: the first time we hit a server we cannot authenticate the certificate without a trusted third party. So we give up and assume it's good. Next time we make sure it's the same. So if someone fools us once, we will forever be fooled.
Gemini should have been implemented as a plaintext protocol. This would allow cleartext networking that is truly easy to implement, including on old Apple ][s.
Those who care about privacy have other, equally good options, such as Tor and SSH for encryption.
TLS is not trivial to implement, and not trivial to use. Claims are made that you can make a client in a weekend. You _can_ make a toy client in a weekend *if* you are using a language that has a TLS library that is easy to use. If you need to do the legwork, it is not at all easy.
Realistically, you cannot implement TLS yourself. You shouldn't, anyway - unless you are a crypto expert. And TLS is not implementable on old machines sporting 6502s, and even 68000s (maybe 68000 is good enough)...
TLS does have its pluses. Key distribution is easy compared to SSH, and client certificates may be used to identify clients easily.