I've had conversations with at least two geminiers lately, https is a combination of two zdrmonster and anthonyg. It things. Firstly, there's a highlights that I should have whitelist of internet sites that friendlier tone with gemini you can get a domain name onto by people, who are pretty cool, and periodically providing control of share my musings about security. your server to the whitelist I'm not looking up or into any managers. Google, Microsoft, Apple attacks or kinds of attack. (Great and Mozilla will spam you and try security phost, I know.). to trick you (whether or not appropriate) into not visiting Gopher's strength is the unwhitelisted websites. Every time tremendous beauty and power of you visit a domain, you contact internetworked gopherholes the whitelist people over the combined with the minimal elegance internet to check if they think of the gopher singular. You make a you should visit that domain. The TCP connection, the server says domain you are visiting is nothing, the client sends the item recoverable from your https specifier string, the server request in general anyway. If you replies with the item and the trust the whitelist managers more client closes the connection when than some other people, there are it thinks the item is finished. gains to the newish DNS over The end. Sure, gophernicus will HTTPS. automatically give ogg files the unofficial s itemtype, which lynx There is also the second, sincere supports, but basically the thing benefit of https ; there's a about gopher is that it's not process for negotiating session going to change, and it does encryption with the server you almost nothing. Ldbeth likes to have connected to, so only the point out that openbsd netcat is a server knows which page in fine gopher browser. particular you are visiting. Imagine those safe links companies From what I can tell, gemini provide that are private from sacrifices this elegance to gain others unless shared; they're two-ish things. Instead of making talking about it being https. If directories with lots of the https negotiation is suitably unofficial itemtype i strict, information can be shared informational lines in order to only with the trusted server. This have interspersed gophermap item comes at the cost of needing to do lines (links), gemini just complicated negotiations, which supports link lines in general, open up extra avenues for and some gemini markdown styling. datascraping/profiling among Secondly and moreso firstly, problems, which is at least gemini supports https. counter to the intuition that it was safer. I think informational lines do fine in gopher directories and Whitelisting can sod off in my searches, and attaching a markdown opinion, by providing to the standard is feature creep. unaccountable trust to someone you However the standard is such that don't know doubly so. However, gemini markdown files are having a form authentication and acceptable stylistic text files, encryption at all is a big deal. and there is relatively little Let's try and apply it to usage difference when using emacs downloading music from a gopher. elpher-mode to browse either. Imagine you make a gopher request specifying a music file. Someone who wishes you ill gets in the middle of the request and sends you back a music file that can crash your music player or cause other problems instead of the real one. Even if not sabotaging you like this, basically every company and government is cyberstalking you in order to sell private facts about you (this is used on normal people in real life! It's worse than you think.). GNU Privacy Guard (or a crypto signing equivalent like signify(1)) can provide strong-enough signing to mitigate the bad file sabotage problem, though this connects back to the whitelisting problem - you can't just download a public key, what if it was a sabotaged public key. You need to get to know the key owner well enough to establish it is really their key, in a libOTR sort of way (using a contextual question to establish you're talking to the right person at the start of an encrypted conversation). This is a good point, and I will try to roll out signing everything on my gopher, synth music links included. I can do this without freezing a security norm as part of the standard, leading to the travesties like https version supported that are known not secure. Also I hope I can be friends with the geminiers even though I stay a gopher.