<-- back to the mailing list

[spec] The updated speculative specification is now up

nervuri nervuri at disroot.org

Tue Apr 6 17:50:08 BST 2021

- - - - - - - - - - - - - - - - - - - 

On Mon, 2021-04-05, Sean Conner wrote:

The updated protocol (only) specification is now up and can be read at:
https://gitlab.com/gemini-specification/protocol/-/blob/master/specification.gmi

Thank you. A few thoughts:

I recommend making each change in a separate commit, to make it easierto isolate and comment on. In a huge diff like this [1] it's easy tomiss small, but important changes.

[1] https://gitlab.com/gemini-specification/protocol/-/commit/0235100151b57d9f5c3384acdacb4ad9986f7ae4?expanded=1&view=inline

The use of an existing TLS library SHOULD be used, but because not all
existing TLS libraries support TLS 1.3, then at this time (2021),
implementations MUST support TLS version 1.2 or higher.

You probably meant to start with "An existing TLS library SHOULD beused", but what does this actually mean? Existing as of when? Ifsomeone makes a new TLS library, it will also exist. Also, manylibraries are abandoned, so it will never be the case that "all existingTLS libraries" will support TLS 1.3, or even 1.2.

I don't think the final Gemini specification should mention libraries atall. They may be ok as a temporary justification for why TLS 1.2 is inthe spec, but let's see if we can get more clarity on this: what exactlyare we waiting for before TLS 1.3 becomes the minimum version? Supportin BearSSL (which may never be added)? Support in X% of clients and Y%of servers? Hard to say, isn't it?

TLS 1.2 will send the server name and the client certificate (if used)
in the clear

TLS 1.3 also sends the server name (SNI) in the clear, unless ECH/ESNIis used. The issue here is that TLS 1.2 is not compatible withECH/ESNI. But even with TLS 1.3, public keys need to be put in DNS inorder for ECH/ESNI to work, so it will probably not be a mainstreamfeature (although it should be encouraged).

A client MAY warn a user of a TLS 1.2 connection is established, and
SHOULD warn the user of a client certifiate will be transmitted via
TLS 1.2.

It's "if" rather than "of", right?