💾 Archived View for bbs.geminispace.org › u › mbays › 3782 captured on 2023-09-08 at 17:25:49. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

Re: "is there some tls implementation for small devices? there..."

Comment in: s/Gemini

gmni and gmnilm also use BearSSL (which also tripped me up in the same way it did michaelnordmeyer).

🚀 mbays

2023-08-03 · 5 weeks ago

6 Later Comments ↓

📻 solderpunk

@michaelnordmeyer Gosh darn it, I didn't want to hear that. Also on my TODO list for this year is to set up a TLS1.3 only, ED25519 certificate version of the official capsule on port 19650 and encourage people to try it out with as wide a range of clients and operating systems as possible to gather some good data on how feasible it would be to start encouraging migration in that direction. I sort of hoped that maybe we'd finally be getting close...

😈 dimkr

Probably not as small as you'd like. My capsule was slow when I hosted it on ESP32, and even slower on a Pi Pico W. It works, but the handshake is very slow with EC. (Both with mbedtls, which is still limited to TLS 1.2.)

2023-08-04 · 5 weeks ago

😎 Smokey

@dimkr would the spartan protocol be a better fit for those kinds of devices since it does not do TLS?

😈 dimkr

@Smokey In some ways, Spartan is a good alternative for small devices with static content (so no need for "authenticated users"), as long as the users use a client that supports Spartan and not just Gemini.

2023-08-05 · 5 weeks ago

📻 solderpunk

@smokey @dimkr For devices where TLS is really not possible, there's also the option of running something like Cosmarmot on a Pi on the same network, it translates Gemini stuff to Gopher. See https://git.carcosa.net/jmcbray/cosmarmot/

😈 dimkr

@solderpunk (Seeing myself mentioned in your reply made me blush) Proxying is definitely an option, but I prefer not to add a "computer" that acts as a "TLS accelerator" for the Pico W running my Gemini capsule, and Gopher is not really an alternative (because of the fixed width and other limitations). I want to like Spartan but I'd prefer an "exactly Gemini minus the TLS" protocol supported by all conformant Gemini clients, for the sake of code reuse.

Original Post

🌒 s/Gemini

is there some tls implementation for small devices? there is a tcp stack in kon-tiki, and maybe other implementations. is it possible to use tls on some 8bit device with 64kb of memory? i am thinking of potential implementations on avr, 6502. i guess m68k may even run real openssl library?

💬 norayr · 11 comments · 2023-08-01 · 5 weeks ago · #programming