[gopher] Tor for Gopher
Kim Holviala
kim at holviala.com
Thu Feb 16 15:37:16 UTC 2017
On 14 Feb 2017, at 07:47, Christoph Lohmann <20h at r-36.net> wrote:
> The CA system is broken and will not lead to any security. Do you
> really trust Let’s Encrypt, when they issue certificates for everyone? I
> don’t.
Of course the CA system is broken, and no, I don't trust Let's Encrypt - but at least they are levelling the game by offering free valid certificates (I was using StartSSL before and Let's Encrypt is *way* better).
> That is the reason why I am proposing a simpler migration strategy: Let
> us move all gopherholes to tor.
That's one way of securing traffic, true, and to be honest when someone starts telling me how every website needs to be using TLS I always ask "why not tor? it's more secure" just to see their reactions. Suddenly security isn't a priority after all :D
Anyway - I did gopher-over-TLS as a test because people have been asking for it quite often. It's not meant to be a serious implementation but more like a test to see if it's possible.
- Kim
More information about the Gopher-Project
mailing list