Wednesday, February 16, 2022
A call for Gemini without TLS
There's currently quite a bit of talk in the Gemini community about dropping TLS support, or at least make a non-TLS version of Gemini available. I find this amusing since the entire reason for TLS in Gemini in the first place is that the creator of Gemini, solderpunk, wanted to add TLS to gopher. So when he designed Gemini, it started with TLS at the base. But over the years, the collection of people who want to remove TLS from Gemini come in two groups. The first group are the ones that wish to replace TLS with some other encryption scheme, because TLS sucks or is too complicated or subject to insecurities with the certificate authorities. As I stated a few weeks ago on Hacker News:
I think it even applies to “never implement crypto on your own”—are you sure you've taken into account side-channel attacks? Timing attacks? Random number generation (if it's required)? Cleaning memory after use? That
memset()
isn't optimized out? There's a lot to get right …
https://news.ycombinator
.com/item?id=30092091
(The whole thread is interesting to read)
I do recall on the Gemini mailing list (when it was available) that one person said TLS should be replaced, did an actual implementation of an alternative encryption scheme and decided that wasn't such a good idea after all. The conversation pretty much died after that (imagine that!).
The second group of anti-TLS people also argue that TLS sucks or is too complicated or subject to insecurities with the certifacate authories, and just want TLS removed entirely—go plain text. Well, that currently exists—gopher. It's even easier than Gemini sans TLS—there's no URLs to parse or relative links to resolve. Also, just because TLS is a third- party library isn't an argument I would make because while TCP comes with operaing systems today, that wasn't always the case. Back in the 90s, the entire TCP/IP stack was at one point a third-party library for the most popular operating systems that weren't derived from Unix. And today it's the case that the new Google hotness, QUIC, is a protocol only available as a third-party library. No, a better argument is that current TLS libraries suck to use, and it's hard to know which ones to use. That agument, I can sympathize with.
Furthermore, let's say Gemini never specified TLS to begin with. I guarentee you that someone shortly after it appeared would be screaming for TLS to be added, because “encrypt all the things! Why didn't you bake in TLS from the start? Why do you hate us?”
You just can't win here.