[gopher] Tor for Gopher
rain1 at openmailbox.org
rain1 at openmailbox.org
Thu Mar 2 02:12:17 UTC 2017
On 2017-02-14 05:47, Christoph Lohmann wrote:
> Greetings comrades.
>
> This ugly discussion of how to add TLS to gopher has lead to all kind
> of
> extension proposals which look so ugly I wouldn’t want to
> implement
> them. The CA system is broken and will not lead to any security. Do
> you
> really trust Let’s Encrypt, when they issue certificates for everyone?
> I
> don’t.
>
> That is the reason why I am proposing a simpler migration strategy:
> Let
> us move all gopherholes to tor. Running a hidden service requires
> no
> modification except for changing the internal links to the onion
> domain.
> I do that at bitreich.org[0][1] by having a hidden service pointing
> to
> port 70 but the redirect in the configuration is to a different
> port
> which has geomyidae running with the argument ‐h
> hg6vgqziawt5s4dj.onion.
> All menu entries in gph files pointing to »server« will be replaced
> with
> that and you are kept in the tor network.
>
> For clients it is simply: torify lynx gopher://hg6vgqziawt5s4dj.onion
>
> I have started collecting onion gopherholes [2].
>
> What we get: Security (hash in onion domain), anonymity (tor
> network),
> moral superiority by supporting tor and their efforts
>
>
> Sincerely,
>
> Christoph Lohmann
>
> [0] gopher://bitreich.org
> [1] gopher://hg6vgqziawt5s4dj.onion
> [2] gopher://hg6vgqziawt5s4dj.onion/1/lawn/onion
>
>
> _______________________________________________
> Gopher-Project mailing list
> Gopher-Project at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
I'm stunned by the beauty and simplicity of this solution!
I've been writing a gopher client myself and it took a grand total of 0
new lines of code to access that gopher using it! and we get all the
important security properties: integrity, authenticity, confidentiality.
More information about the Gopher-Project
mailing list