My twopennorth on TLS 🔏

> tl;dr I whinge about the effort involved in doing the TLS bits of my client, and FOR WHAT??


When I found Gemini and tried writing a client, the first hurdle was TLS. I thought the TOFU requirement made it a bit pointless, but it was in the spec. I had to ask on StackOverflow how to open a secure socket with an un-trusted server because the API I was using didn't make that easy. It was pointed out to me on there how insecure this is. But it was in the spec.


I also had to deal with certificate changes and expiry. I could just ignore them and carry on. I went with asking the user, but I don't think that's any better for most people. Probably the right thing is to make the response configurable (accept|ask|reject) but then I have to switch on that setting in several places, and provide some UI for choosing a security level. Well, it's in my backlog of nice-to-haves. TLS made extra work for me. But it's in the spec.
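
The accept|ask|reject setting described above, sketched as an added example (not code from this client or from the Gemini spec). The names Pin, classify and check and the renewed/changed distinction are assumptions for illustration, and the sample certificates are constructed stand-in bytes rather than real DER.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Pin:
    fingerprint: str   # SHA-256 over the DER-encoded certificate
    not_after: float   # expiry of the pinned certificate (Unix time)

def classify(pin, fp, not_after, now):
    """Name what the client is looking at, before any policy is applied."""
    if now > not_after:
        return "expired"            # presented certificate is past its expiry
    if pin is None:
        return "first-use"          # nothing pinned yet: the 'trust' in TOFU
    if pin.fingerprint == fp:
        return "match"
    # A new certificate after the pinned one expired looks like routine
    # renewal; a new one while the pin is still valid is the suspicious case.
    return "renewed" if now > pin.not_after else "changed"

def check(store, host, port, der, not_after, now, policy="ask", ask=None):
    """Return (event, trusted). `store` maps "host:port" to Pin.
    policy is accept | ask | reject; `ask` is a UI callback returning bool."""
    key = f"{host}:{port}"
    fp = hashlib.sha256(der).hexdigest()
    event = classify(store.get(key), fp, not_after, now)
    if event in ("first-use", "match"):
        trusted = True
    elif policy == "accept":
        trusted = True
    elif policy == "ask" and ask is not None:
        trusted = bool(ask(host, event))
    else:
        trusted = False             # reject, or ask with no UI: fail closed
    if trusted and event != "expired":
        store[key] = Pin(fp, not_after)   # pin or re-pin only unexpired certs
    return event, trusted

# Constructed sample data: stand-in bytes, not real DER certificates.
OLD_CERT, NEW_CERT = b"constructed-cert-A", b"constructed-cert-B"
```

Keeping the policy switch inside one function means the setting is consulted in a single place, and the ask callback is the only part that needs UI.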


I haven't implemented client certs. It would involve passing a cert to an API call in the right way, which is (presumably) do-able. But where does the cert come from? There are plenty of examples of command lines with 23 parameters that produce a file that the user can import, but all the cert is for is so the user can say "I'm me" so that's a lot of effort to force someone to go to. I should figure out how to generate it for them, and the client is cross-platform, so I can't rely on spawning a command line. So that's on my backlog of should-figure-outs. Having a built-in authentication mechanism seems like a win for TLS, if only it were simpler.


I saw discussion of DANE which seems good. Not sure it would work in my case. This domain doesn't belong to me, and I doubt whether the pubnix owner wants to attach my Gemini server cert to his DNS entries. But maybe I've misunderstood how it works. And we don't have DANE in Gemini, we have TLS.


So altogether it feels to me like TLS is a fair bit of effort for a flimsy veneer of security. But it's in the spec.


Footnote

It may seem that I'm cross about the spec. I'm not. Lots of stuff in there is fine with me. No emphasis? No worries. Only one line in the header? Fine with me. TLS with TOFU? That's the bit I'm not sure about.


#tls


-- Page fetched on Sat May 4 02:30:32 2024