-- Leo's gemini proxy
-- Connecting to gemini.ctrl-c.club:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
author: @TomDotTom
Having seen references to Toki Pona a few times here on geminni I decided
try and learn it. The best resources I've found so far are:
Over the last few days I've spent some time looking into Message Integrity
Codes (or Message Authenticity Codes). One of the most interesting ideas
I stumble across was the 'Hash Chain' which can produce a fintite set of MAC
secrets.
As it (seemingly) impossible to create MIC's without a shared secret there
seems little point to not just use full encryption to secure a message. This
in turn had led me down a QUIC rabbit hole as packet encryption is a core part
of the protocol. One of the better introductions to QUIC is CloudFlare post
'The Road to QUIC'. And if you want to dive in deeper you might as well
watch the 3hr 'QUIC Protocol Tutorial'.
Publised "Disloyal User-Agents" and sumbitted them to gemini aggregators.
Spent the last few hours combing the internet for application layer data integrity
solutions.
Finished a draft of "Disloyal User-Agents" which can, for the moment, be found in
Looking at HTTP/2 reminds me a bit of the BEEP application protocol.
Came to the realisation over my morning coffee that when you make a DNS
lookup you are almost always looking up the address of a proxy server. URLs
server a dual function as a proxy IP lookup address, and an appliaction routing
address for the proxy. No reason for this to be the case, and you could create
an application level protocol around this idea.
Scans of tilde.chat#spartan and tilde.chat#gemini show that other share my thoughts
on a modular browser. @yeti pointed out that the Dillo browser was designed to be
extensible via plugins, and that a couple of gemini plugins exist.
After a back and forth on tilde.chat#gemini with a group of gemini
enthusiasts I've landed on the ideas of the "Faithless Browser" or "Disloyal
User-Agent" (DUA). The basic premise is that they are supposed to represent
the users interests but through default behaviour can actual represent a
servers interests (think Cookies).
Also from discussion, I think Gemini's desire of non-extensibility and
completeness has been compromised by mandating the use of TLS and making
client certs a first class concern. A DUA could add metadata into a client cert
and work around the lack of headers in the Protocol. Establishing standard server
behaviour in popular software by getting them to return a 63 CERTIFICATE METADATA ABUSE
might encourage good behaviour.
Just created a tiny bash spartan:// client to add to my tiny bash gemini:// client.
Spent a bit more time on the 'bring your own I/O' gemini protocol library.
Currently have a server and client state machine which are very similar, but
not perfectly asymetric. I'm not sure if it would be better if they were
symetric. Interestingly I'm having to think quite hard about where the
protocol's concerns ends and a client/servers concerns start.
This weekend I had a go at implementing a 'bring your own I/O' protocol
library for gemini. Took inspiration from the python-hyper http projects, and
a MicroMike's socks5 project. Got as far as implementing the Client role, and
then used this to create an example python Gemini client. Will have to wait
until next weekend to clean up and post to a tilde git repo.
Slowly making my way through an excellent 41 episode podcast on Free Speech.
It's very likely I'll go back and listen to the series a second time just
to let everything sink in.
Having tried to modify nytpu's 'gemlog.sh' and getting frustrated by bash I
have just reimplemented something similar in Python using the subscription
spec. Ctrl-C users can find it in my bin dir.
Poked at ctrl-c.club's gemini server and was unsurprised to find that gemini
also suffers from exposed git repos (the .git is readable). I suspect it
won't be long before a gemini version of GitTools appears.
Played around with ctrl-c.club's `Iris` topic board. Bumped into @calamitous
on irc.tilde.chat#ctrl-c and had a chat about the software.
Posted a quick topic to ctrl-c.club gemini users that they should be careful
of exposed .git dirs.
I'm completely enthralled by "The Whinam Papers archive" on @Stack's gemini
capsule. I'm undecided whether using Joanathan Swan's satirical style to
comment on the state computing is genius or madness. Even worse it keeps
going over my head and I can't tell if I'm ignorant of the real science
behind the proposed Houyhnhnm technology, or if it's all just sci-fi, I'd
bet on the former.
Got a ctrl-c.club account (thanks Eric).
Battled with irssi and connecting to ctrl-c.tilde.chat. Finally got it all
working only to find it very quite in there.
Started messing around with Gemini.
-- Response ended
-- Page fetched on Sun May 19 03:18:56 2024