💾 Archived View for rawtext.club › ~sloum › geminilist › 006562.gmi captured on 2024-03-21 at 16:23:09. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
nothien at uber.space nothien at uber.space
Sat May 22 22:48:44 BST 2021
- - - - - - - - - - - - - - - - - - -
nervuri <nervuri at disroot.org> wrote:
On Fri, 2021-05-21, nothien at uber.space wrote:
If servers have not yet been fixed to use close_notify, then there's
no hope that they would implement any new companion specs /
technologies for providing integrity.
My suggestions don't entail changes in server software.
But your suggestions are patch-up solutions over issues with serversoftware. Instead of adding more complexity into the situation, pushfor better (more correct) server software.
If a user of such a server wants integrity, then they should request
it of the maintainer of the server code, or switch to a different
server; there are many out there with the same features.
The user of a pubnix or a flounder-style hosting service would likely
not be in a position to determine what server is used. But they would
be able to create well-known files or append hash fragments to a few
links.
But they can (and should!) request their providers to update theirsoftware. Users should never have to pay for the faults of their serverproviders anyways.
The idea of hash fragments for third-party links would be especially
interesting to explore, I think.
They would only be feasible for static files, such as tarballs etc. thatnever change, as otherwise any changes (e.g. fixing typos) would breakhash fragments from third-party sites to the current one. The issuethus becomes that it may be misused (i.e. used in the wrong contexts);there is no way to stop this from happening, and it would only add morepain to the situation. Better to rely on explicit hash files in thesesituations, as is already the convention.
Integrity on the server-side is out of the scope of Gemini
As are many features of current Gemini clients.
Such as? I'm considering specifically the communication of data overthe network via the Gemini protocol. Gemini clients obviously have morethings to do.
~aravk | ~nothien