I haven't seen that @solderpunk proposes a new protocol which is a kind of simplified #Gemini one (no TLS stuff, mandatory UTF-8, only 2 types of lines text or link, less return code...)
@adele I'd have been happy with just removing the mandatory TLS and adding an insecure response code so clients can show a warning or something, I've been begging for that here and there for a while as TLS prevents a lot of old devices from using Gemini. This sounds fantastic too though.
@easrng any pre-Gingerbread Android devices, they're bricks as far as Gemini is concerned. Also, all of today's devices will suffer the same fate in ten+ years once the current cipher suites become compromised, TLS is a moving target
@easrng Gingerbread support _is_ with a back-ported lib: Conscrypt. Without that there'd be an incredible amount of unsupported devices.
@easrng Yes, I think so, otherwise the Google Conscrypt team would have done it I think. There's a couple of other Java libs that may be an option but I doubt it, those older devices need the libs to use the same old Java version that they support. Newer devices have the option to get updated TLS suites from Google Play Services, but that only works with new supported devices (& won't work on Lineage etc). Again, today's devices will face this same problem in 10/15 years whatever.
@easrng I have been meaning to find out why Conscrypt only supports as far back as Gingerbread. Two reasons are likely: older OS versions use older Java versions that have some inherent insecurity, or: older OS version are missing something in the JNI that makes back-porting further and securely impossible.
Many people have misunderstood this as a proposal or recommendation. I was there at the time, and Solderpunk was just theorizing what could be stripped away from Gemini while still keeping it usable. As far as I know, this is not something he endorses, and I believe he has sent emails to that effect.
I believe his largest issue with it is lack of TLS, and it's mine as well. Privacy is important, but even beyond that, remember that TLS ensures integrity and provides authentication as well.
Instance de Mastodon, réseau social de micro-blogging libre et décentralisé hébregée par l'association Tetaneutral.net.