💾 Archived View for rawtext.club › ~sloum › geminilist › 006804.gmi captured on 2024-02-05 at 10:55:51. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
charliebrownau charliebrownau at protonmail.com
Sat Jun 26 14:03:32 BST 2021
- - - - - - - - - - - - - - - - - - -
Gday
Thanks for the great gempost CyberTailor !!
I managed to throw up a simple gaming group front page tonightwhich Ive been putting off for a while
I will be working on my own personal domain tommorow
----------------------------------
Are any gem servers already packaged in Docker or some vitualised containerSo one could run
VPS serverContainer - 1 - plain static website - 2 - gemblog - 3 - mumble - 4 - irc/xmpp
--------------------------------------
The Gnuserland
Do we want more centralised "review" and "scores" sitesthat end up getting abused, doxing people and lying aboutcustomers or business's
What about creating a review in- textual form- photos- turning that into a blog and pdf/gemfilethat can be downloadedand on top video review hosted as MP4/WebM (XviD/X264/AV1)on the gem server and or peertube instance
I like Lukesmiths Recipe site idea - http://based.cookingmaybe something like that could get adapted to reviewsbut as gemspace is for the entire world and not a single district/city/nationit might have to get sectioned off for areas/cities/nations, along with food types.
-----------------------------------------------------
Funding :-
Problem with "mainstream" and "ALT tech"they both rely on the International Central banking cartelwith payment processors , paypal, tspring,etc
Also with Goverment demanded handouts an USD$20 shirtoften ends up AUD$35/NZ$35/CA$35(Remember its not theif when the goverment calls it 'taxation' / gst+vat / income 'tax' /etc)
Maybe help fund Master Server Hubs, District/national servers orinvidual popular servers hosting various users that goes towards VPS/cohost/server costs directly
Instead of going via some huge payment process or banking cartel system
I would avoid Cypto all together
The only currency I trust is anonymous phsyical cash (coins/notes)
----------------------------------
Side note if anyone is interested in alt currency check out- Community Currency- Local Currency- Agorism + Counter Economics
___________________RegardsCharliebrownauCharliebrownau at protonmail.com
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, June 25th, 2021 at 7:39 PM, <gemini-request at lists.orbitalfox.eu> wrote:
Send Gemini mailing list submissions to
gemini at lists.orbitalfox.eu
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.orbitalfox.eu/listinfo/gemini
or, via email, send a message with subject or body 'help' to
gemini-request at lists.orbitalfox.eu
You can reach the person managing the list at
gemini-owner at lists.orbitalfox.eu
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Gemini digest..."
Today's Topics:
1. GDPR and the protocol implications (Matthias Geier)
2. Re: GDPR and the protocol implications (Omar Polo)
3. Re: Gemini Digest, Vol 23, Issue 40 (Anna ?CyberTailor?)
4. Re: GDPR and the protocol implications (adnidor)
5. Re: GDPR and the protocol implications (K?vin)
6. [USER][IDEA] Gemini Database of Places and Restaurants
(The Gnuserland)
7. Re: A proposal to fund the Gemini project (The Doctor)
Message: 1
Date: Fri, 25 Jun 2021 10:59:32 +0200
From: Matthias Geier matthias.geier at antipod.de
To: gemini at lists.orbitalfox.eu
Subject: GDPR and the protocol implications
Message-ID:
CAEtdmSzf1Q21XnjaAbuuHPXgNDBJemFy4k=k+Upm7fc5M=p2Eg at mail.gmail.com
Content-Type: text/plain; charset="utf-8"
Hello fellow developers
To say that upfront, I searched most of the archive, didn't find that topic
in there
About gdpr and certificates. If I am not mistaken, before I even request
the TLS certificate, I'd need to get a user consent, not to mention storing
it.
On a capsule like station, you can ignore the certificate until you sign
up, but for instance if I want to prevent spam/DoS and check against a
certification authority, I'd need to get permission for that first. Which
beats the purpose partially
Is the manual opt-in to show a cert on a specific domain enough for gdpr
(clients require you to set the cert for the domains)? I can't show a gdpr
warning on the cert missing error, since the spec doesn't allow me to.
Not to mention other consent stuff for storing and processing information?
I am aware that the small internet won't be sued soon, because no one
cares. However hosting a service in the EU as a private person has become
dangerous and you don't want to end up with a fine in the 10k range for
infringement
Any opinions, best practices, advice, discussion is welcome ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.orbitalfox.eu/archives/gemini/attachments/20210625/c6d0b941/attachment-0001.htm
Message: 2
Date: Fri, 25 Jun 2021 15:51:05 +0200
From: Omar Polo op at omarpolo.com
To: Matthias Geier matthias.geier at antipod.de
Cc: gemini at lists.orbitalfox.eu
Subject: Re: GDPR and the protocol implications
Message-ID: 87eecq6oja.fsf at omarpolo.com
Content-Type: text/plain; charset=utf-8
Matthias Geier matthias.geier at antipod.de writes:
Hello fellow developers
To say that upfront, I searched most of the archive, didn't find that topic
in there
About gdpr and certificates. If I am not mistaken, before I even request
the TLS certificate, I'd need to get a user consent, not to mention storing
it.
On a capsule like station, you can ignore the certificate until you sign
up, but for instance if I want to prevent spam/DoS and check against a
certification authority, I'd need to get permission for that first. Which
beats the purpose partially
Is the manual opt-in to show a cert on a specific domain enough for gdpr
(clients require you to set the cert for the domains)? I can't show a gdpr
warning on the cert missing error, since the spec doesn't allow me to.
IANAL but what about responding with something like
60 Missing certificate: <gdpr warning here>\r\n
Not all clients show the exact meta for status codes != 20, but that's
another issue.
Not to mention other consent stuff for storing and processing information?
I am aware that the small internet won't be sued soon, because no one
cares. However hosting a service in the EU as a private person has become
dangerous and you don't want to end up with a fine in the 10k range for
infringement
Any opinions, best practices, advice, discussion is welcome ?
--
Message: 3
Date: Fri, 25 Jun 2021 19:38:42 +0500
From: Anna ?CyberTailor? cyber at sysrq.in
To: gemini at lists.orbitalfox.eu
Subject: Re: Gemini Digest, Vol 23, Issue 40
Message-ID: YNXqcqRXQ38aMMK0 at sysrq.79.202.136
Content-Type: text/plain; charset=us-ascii
On 2021-06-23 11:38, charliebrownau wrote:
Also Does anyone have some good guides
to create a low bloat HTML website
without javascript/python/dotnet/cookies
I find these guidelines useful
=
gemini://seirdy.one/2020/11/23/website-best-practices.gmi
--
Message: 4
Date: Fri, 25 Jun 2021 16:40:40 +0200
From: adnidor lists-gemini at adnidor.de
To: gemini at lists.orbitalfox.eu
Subject: Re: GDPR and the protocol implications
Message-ID: 20210625144040.qbuut7ajvz5pkjsn at joshuatree
Content-Type: text/plain; charset=us-ascii
On Fri, Jun 25, 2021 at 10:59:32AM +0200, Matthias Geier wrote:
About gdpr and certificates. If I am not mistaken, before I even request
the TLS certificate, I'd need to get a user consent, not to mention storing
it.
Not necessarily. There are 6 possible justifications for processing personal
data:
Wikipedia - GDPR[0]:
(a) If the data subject has given consent to the processing of his or her personal data;
(b) To fulfil contractual obligations with a data subject, or for tasks at the request of a data subject who is in the process of entering into a contract;
(c) To comply with a data controller's legal obligations;
(d) To protect the vital interests of a data subject or another individual;
(e) To perform a task in the public interest or in official authority;
(f) For the legitimate interests of a data controller or a third party, unless these interests are overridden by interests of the data subject or her or his rights according to the Charter of Fundamental Rights (especially in the case of children)[7]
Most processing that gemini capsules do will probably fall under the last
point, and therefore doesn't require consent. (as an aside: most processing
that websites do also falls in that category, including stuff for which cookie
banners are show).
Also, if you are an individual, it is possible that the GDPR doesn't apply,
although I don't believe that there has been a court decision on this.
Please do note that I am not a lawyer and that you should do your own research
before relying on anything.
adnidor
[0] https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Message: 5
Date: Fri, 25 Jun 2021 15:12:19 -0000
From: K?vin gemini at ml.oh.mg
To: gemini at lists.orbitalfox.eu
Subject: Re: GDPR and the protocol implications
Message-ID: 162463393906.7.11446062595177882843.9149285 at ml.oh.mg
Content-Type: text/plain; charset="utf-8"
??????? Original Message ???????
Le vendredi 25 juin 2021 ? 16:41, adnidor - lists-gemini at adnidor.de a ?crit :
On Fri, Jun 25, 2021 at 10:59:32AM +0200, Matthias Geier wrote:
...
Also, if you are an individual, it is possible that the GDPR doesn't apply,
although I don't believe that there has been a court decision on this.
It depends on the country, there are some that actively go after individuals (Austria, Sweden, Spain, and Norway have in the past) and others that just can't be bothered (notably France and most other EU countries).
It also really depends on the data you collect, purpose of the collection, and whether or not you could extract that against a real data subject.
The question would be would the certificate be at the same technical processing level as an IP address (server logs) or would it be storing a full data subject (account database).
Again I'm not a lawyer, but your national data privacy organisation are generally more than happy to answer these kind of questions if you contact them.
-K?vin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: https://lists.orbitalfox.eu/archives/gemini/attachments/20210625/ee853284/attachment-0001.sig
Message: 6
Date: Fri, 25 Jun 2021 14:43:08 -0400
From: The Gnuserland gnuserland at mailbox.org
To: gemini at lists.orbitalfox.eu
Subject: [USER][IDEA] Gemini Database of Places and Restaurants
Message-ID: 9fedda3d-e67e-9b97-7352-e101c4540326 at mailbox.org
Content-Type: text/plain; charset=utf-8; format=flowed
Hi Geminauts,
I'd like to use Gemini as much as I can for my daily use, I wonder if
all of us can work together to share comments and reviews of Places and
Restaurants we love to go (or we don't love...) in order to make these
information available through a simple search in Gemini, we might start
creating in our capsule a page called something like the one below,
which doesn't need to be necessarily shown on your root:
country-city-places-and-restaurants.gmi
or shorter
country-city-places.gmi
and the content might be something like:
Italy, Rome (or # Italia, Roma)
===============================
Restaurant's name
-----------------
Type: Restaurant
Kitchen: Regional
Where: Via del Merluzzo, 121
Rating: ****/5
Descriptions: Nice Family owned restaurant full of local people (all
this section is a fake)
I understood this may risk to leak personal info that perhaps someone
would prefer to keep private, hence this would be totally volunteer...
I think the whole idea must be refined to be more "machine readable",
but if we begin to create these pages maybe someone else can come out
with a way to create a specialized capsule that can collect all these
information and you can subscribe to this capsule with your own
certificate and start adding your favorite places and reviews of.
What do you think?
My best,
Gnuserland
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Message: 7
Date: Fri, 25 Jun 2021 19:39:45 +0000
From: The Doctor drwho at virtadpt.net
To: Gemini Mailing List gemini at lists.orbitalfox.eu
Subject: Re: A proposal to fund the Gemini project
Message-ID:
mxlZWZDKpvAxslIgcK_hA-S2sNZPcthrYcontOXONcOOn5dl6uxeawXuuETYBTB8QRCCuihJkbB5ToHFfZm0FvuVlimme4ImYUV_v9OC_ZI=@virtadpt.net
Content-Type: text/plain; charset=utf-8
??????? Original Message ???????
On Thursday, June 24th, 2021 at 15:05, Chris McGowan cmcgowan9990 at gmail.com wrote:
Reminds me of the the Munition T-Shirt that protested the (frankly
stupid) encryption export laws in the US. (By the way, those are
partially still in place...)
ITAR has gotten way less of a pain in the ass since 2000. It still sucks to do the
paperwork but it's 10 pages now and not 120 and a bunch of phone calls with the
State Department.
tl;dr the shirt had a 3 line implementation of the RSA algorithm on it
as a Perl one-liner and a machine readable barcode representing that
same program. Technically, under the law at the time (circa 1996), that
made the shirt a "munition". No, I'm not kidding and yes it was stupid.
That was around the time that 2600 was also selling t-shirts that had the functional
diagram for DES to whoever had $25us to spend. :)
It would be neat to have some sort of shirt that had a machine-readable
minimal gemini server (or client) printed on it, but I think the TLS
requirement would make that nearly impossible (max bytes for a QR code
is ~4k).
Depends on which TLS library you link in.
The Doctor [412/724/301/703/415/510]
WWW: https://drwho.virtadpt.net/
The old world is dying, and the new world struggles to be born. Now is the time of monsters.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Subject: Digest Footer
Gemini mailing list
Gemini at lists.orbitalfox.eu
https://lists.orbitalfox.eu/listinfo/gemini
------------------------------------------------------------------------------------------------------------------------
End of Gemini Digest, Vol 23, Issue 44