💾 Archived View for rawtext.club › ~sloum › geminilist › 006551.gmi captured on 2024-03-21 at 16:23:25. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
nothien at uber.space nothien at uber.space
Thu May 20 17:15:36 BST 2021
- - - - - - - - - - - - - - - - - - -
nervuri <nervuri at disroot.org> wrote:
On Wed, 2021-05-19, ew.gemini wrote:
Integrity in the sense of "the file remained unchanged in
transit"? TLS should take care of that.
Not necessarily. The connection can be dropped before the transfer
completes, or bits in the file can be flipped for various reasons.
I think there is a place for simple, automated integrity checks - not
just in Gemini, but also on the Web (like SRI [1], but applicable to all
links).
Sorry, but that's just wrong. TLS already provides the mandatoryclose_notify signal (and there have been discussions about it before onthis ML) for indicating that the complete text has been transferred.And every single authenticated encryption method provided with TLSensures that the communicated data is the same at both ends - bit flipsand the like are detected and such malformed packets are droppedappropriately. One of the mechanisms for this verification is Poly1305- check it out if you're interested in how and why these work.
We could, as tidux suggests, use magnet (or IPFS) links for large
files instead, as those protocols have integrity checking built-in.
However, this must be weighed against the added friction, both for
server admins who must install and configure additional software and
for visitors who don't have a BitTorrent or IPFS client installed.
This is the correct solution. Note that even protocols like HTTP(S) arefine (as they - in their effort to support everything - support largefile transfers), so there would be little to no friction.
~aravk | ~nothien