💾 Archived View for misfin.org › last › last_index.gmi captured on 2024-06-19 at 22:50:10. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-05-24)
-=-=-=-=-=-=-
Email is just as bad as the Web. It's grown to be complex, secure only with other protocols bolted onto it, and it supports all the nasty misfeatures that the Web does, like cookies and tracking beacons. Even worse, it's seeing active hostility from the major players of the Internet. Most ISPs block traffic on port 25, and you can't deliver mail to any of the big names (like Gmail) without jumping through hoops - and even then, it's a coin toss.
I would love it if there was a way around this, a standard way for people interested in the small web to communicate. Something like Gemini, which can be grokked and implemented by one person. To that end, I've been working on a replacement - but I need some feedback.
I've written up specs for two simple protocols, Misfin(A) and Misfin(B), named after the Manned Space Flight Network (MSFN). The first is versatile, the second is spartan. Both share a common format for certificates and authentication. Both only are concerned with sending messages; mailbox management and relaying are out-of-band. Neither does much to combat spam - they probably won't be used by enough people to matter - but avoid the worst of SMTP's security gotchas.
Both candidate protocols require TLS, because it gives us a nice simple way to verify senders and receivers. A Misfin certificate stores three pieces of information:
USER_ID The user's mailbox (admin, santa, xXxd3m0n5l4yerxXx, etc.) COMMON_NAME Who the user is - their name, or pseudonym, or w/e SUBJECT_ALT_NAME Hostname of the user's mailserver (example.com, misfin.org, etc.)
You can then stick the mailbox and hostname together into a Misfin address, i.e. santa@example.com. Authentication is up to you - maybe you have a whitelist of approved senders, or you mandate CA-signed certs, or you trust certs as they come in (TOFU). Or you don't do anything and suffer.
The Misfin(A) protocol works like SMTP - you connect to a mailserver with your certificate, tell it you want to send a message, and if it accepts, you hurl the message over. Transactions look like Gemini:
misfin://mailbox@hostname.com mime/type the remainder of the request is the "subject"\r\n
If the server wants your message, it responds with the go-ahead:
20 <number of bytes the server will accept>\r\n
You can then send over the rest of your message (respecting the maximum size) and close the connection.
Maybe we should just worry about text. Maybe we don't want to accept big huge messages from strangers. Maybe we should be asking people nicely if they want to receive an attachment, rather than just sending it to them. Consider the following protocol. We send a single request, no more than 2048 bytes, and with an assumed mime of text/gemini:
misfin://mailbox@hostname.com Everything after this is the body of the message.\r\n
And the server tells us if it was accepted:
20 <fingerprint of the recipient>\r\n
Message sent, ezpz. Misfin(B) is limited, but not crippled. Want to send a binary file? Throw it up on a Gemini server (you have one of those, yeah?) and link to it - you get the fingerprint of the receiver's certificate, so you could even gate it for them if it's eyes only. Can't fit your message into 2K? Send two, or maybe write less. (Most of the emails I got on the Gemini mailing list were smaller than that anyway).
No right answers, which is why I'm opening this up to comment. Neither is tough to implement.
Misfin(B) feels more aligned with the values of the small web - you can send me text, no more than this much of it, and if you want me to see something else you need to ask. Its inflexibility also helps protect simple implementations from abuse; you don't need to worry about blocking certain mimetypes from being received or setting sane limits for file sizes.
On the other hand, Misfin(A) is capable, and of course there are good reasons to want to send attachments or long messages or whatever else. It's probably telling that flexible protocols like Gemini took off in a way that more rigid ones didn't.
- ❤️ lem
Both protocols explained with fewer words
A draft protocol for Misfin(A), most of which applies for Misfin(B) as well