[gopher] Adding TLS and/or SSL support to Gopher
simple at sdf.org
Wed Apr 29 22:12:30 UTC 2015
William Orr <will at worrbase.com> wrote:
> >
> > Two little notes:
> > * SSL is dead. There is no secure configuration left. So please
> > keep it to TLS.
> > * Vhosting should be kept in mind. Gopher doesn't really support
> > this but there is no reason not to use multiple hostnames for
> > the same server. In case TLS is used this may become
> > relevant as certs may differ. See RFC2817 and RFC6066.
>
> HTTP does this with Server Name Indication. That would be a good way to
> approach the problem in gopher
> (https://en.wikipedia.org/wiki/Server_Name_Indication).
>
> I'd be happy to help implement this in some client/server as well.
> LibreSSL has added their libtls family of functions, which aims to
> reduce the difficulty of writing software that uses TLS. The API isn't
> wholly stable yet, but it's a much better starting point than the
> madness which is OpenSSL's API.

I'm not much of a coder but I'd be willing to help test things via
compiling and/or hosting test servers. My upstream bandwidth isn't great
but for gopher stuff it should be fine. Current gopherd is geomyidae[1]
running on a VIA i386 system.

I hope some progress can be made with respect to adding encryption to
gopher; the rest of the Internet seems to be moving in that direction
and I think gopher risks further malignment if it remains strictly a
clear-text protocol.

Jeff / gopher://jgw.mdns.org

[1] gopher://gopher.r-36.net/1/geomyidae.gph