Thoughts on the Gemini Protocol After a Year
2024-01-27 -  11:13
My site is first and foremost a gemini capsule, although I built a program to convert the files I write in gemtext to static html and gophermap files. This includes the interface to view my git repositories. This system works quite well for me so far. If anything I want to simplify my site even more.
After having my site be a gemini capsule for over a year, I figured I would state my thoughts on the Gemini protocol, gemtext, and geminispace. This post is mostly meant for folks who use the gemini protocol, even if this post is also available in HTTP and Gopher.
Simplicity is key
The gemini protocol is simple... like, really simple. As is the gemtext spec. If you want to do something fancy, you're going to have to get pretty creative. I think this simplicity is a big advantage. In the gemini protocol, the only 2 "pain points" in my opinion that reduce simplicity are the requirement of TLS and trying to figure out MIME types of files you are serving. Thankfully quite a few programming languages have libraries to deal with TLS and determining MIME types.
The gemtext spec is basically just an incredibly stripped down markdown with a different format for links. This allows parsers to be created much more easily than having to do tokenizing of some kind. You can figure out what type of line a gemtext file line is within the first 3 characters of the line (although you need to keep track of whether a line is within a preformatted text block). Anything special happens on its own line with the exception of preformatted text block lines, which are a little more complicated.
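The line-type rule described above, as an added example that is not part of the original post or of any gemini project: a classifier that decides each line from its first three characters and tracks the preformatted state, so link and heading markers inside a preformatted block are never interpreted. The function name, the kind labels and the sample document are assumptions made for this sketch.

```python
FENCE = "`" * 3  # preformatted toggle marker, built this way to keep this block readable

def classify(lines):
    """Return (kind, value) pairs for an iterable of gemtext lines."""
    out = []
    pre = False  # True while inside a preformatted block
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line.startswith(FENCE):
            # On the opening toggle, trailing text is alt text; on the closing one it is ignored
            out.append(("pre_toggle", "" if pre else line[3:].strip()))
            pre = not pre
        elif pre:
            out.append(("pre", line))  # nothing is interpreted in here
        elif line.startswith("=>"):
            parts = line[2:].strip().split(None, 1)
            url = parts[0] if parts else ""
            label = parts[1] if len(parts) > 1 else url
            out.append(("link", (url, label)))
        elif line.startswith("###"):
            out.append(("h3", line[3:].strip()))
        elif line.startswith("##"):
            out.append(("h2", line[2:].strip()))
        elif line.startswith("#"):
            out.append(("h1", line[1:].strip()))
        elif line.startswith("* "):
            out.append(("list", line[2:]))
        elif line.startswith(">"):
            out.append(("quote", line[1:].strip()))
        else:
            out.append(("text", line))
    return out

# Constructed sample: the link and heading inside the block must stay plain text
SAMPLE = [
    "# Title",
    "=> gemini://example.org/ Example capsule",
    FENCE + "ascii art",
    "=> not a link",
    "# not a heading",
    FENCE,
    "* item",
    "> quoted",
    "plain",
]

if __name__ == "__main__":
    for kind, value in classify(SAMPLE):
        print(kind, value)
```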
Sure, it would be nice to have things like bold, italics, and underline, especially inline, but I have learned to live without them now.
Most gemini capsules are responsive by default
With the exception of preformatted text on quite a few clients, gemtext is incredibly responsive to different screen sizes. My site is perfectly readable whether you are using a gemini client (Lagrange, for example) on a desktop with a 4K monitor, a laptop with a 1366x768 px monitor, or a cheap Android phone with a 320px width display. Text tends to be the name of the game for gemini capsules, which is low on bandwidth usage in general (even without compression) and high in information density.
Accounts can still be a thing
The web has a lot of places that require accounts. I'm not a fan of that... but if folks want or need an account for a gemini capsule that allows for accounts, there are ways to make accounts over gemini. There is a specific response status code that requests a password; the client uses it to let the user type in and submit a password. Because every gemini capsule is required to use TLS, the password is encrypted in transit. Another feature of every capsule using TLS certificates is the ability for a client to use TLS client certificates instead of a password for a login mechanism. The gemini capsule only needs to store a fingerprint of the client certificate, and if it sees a client with that fingerprint again, the capsule will know that the client certificate matches.
It (hopefully) won't become mainstream
This is going to come off as elitist. It probably is elitist... Even though much of what is written in geminispace is "tech" themed blogs, much of it talking about geminispace itself, I don't mind. The limitations of the protocol and the gemtext specification seem to help keep it from being adopted by the masses. In my opinion, this is a good thing. The more mainstream the protocol gets, the more likely ad companies will come to vandalize the place for a buck like they did with the web. There is always the chance that some trolls might make a lot of garbage content, but at least it likely won't be able to happen for a profit motive. Some people suck, but it feels somehow worse when there is a profit motive to suck.
I do not want geminispace to be mainstream. I just hope that folks who make up geminispace provide a variety of interesting information.
Gemini in terms of not owning a computer (using the public library computer)...
This is the part I wanted to talk about the most...
A goal of mine in general is to use the internet at my home considerably less and to use my desktop computer considerably less. That means that if I want to use the internet, in a "perfect world", I would go to the public library. Unfortunately, it's incredibly unlikely that a gemini client will be installed on the computers at the public library. Even if one were, the TLS client certificate login method for capsules I mentioned before won't be practical and most likely won't be handled in a secure manner. This would mean capsules would need to rely on a password system if they want folks who are accessing over a public library computer to log in.
Unfortunately the current ecosystem for gemini seems to assume the user owns a device and uses that device as opposed to going to a public library to use a device. While this isn't the protocol's fault, it does slightly feel like it goes against the spirit of an adjacent culture of permacomputing.
I would really like to see folks who run gemini capsules that include an account system to discuss this. Assuming a public library computer can have a client like Lagrange installed, how can we make sure users who want to log into a service on our gemini capsules can without the ability to keep their TLS client certs? One potential option could be an "Allow long-term password" option of some sort on the capsules, that way folks can use a TLS client cert if they want to, but if they can't they could set up a password for logging in instead.
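A sketch of the two login paths discussed above (stored certificate fingerprint, and the optional long-term password for users who cannot keep a client cert), as an added example that is not code from the original post or from any capsule server. The `Account` class, `authenticate` function and sample values are hypothetical; the status numbers are those of the Gemini specification (11 sensitive input, 20 success, 60 client certificate required, 61 certificate not authorised).

```python
import hashlib, hmac, os
from urllib.parse import unquote

SENSITIVE_INPUT, SUCCESS, CERT_REQUIRED, CERT_NOT_AUTHORISED = 11, 20, 60, 61

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded client certificate, hex encoded."""
    return hashlib.sha256(der_cert).hexdigest()

def hash_password(password: str, salt: bytes) -> bytes:
    # Store only a salted, slow hash, never the password itself
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    def __init__(self, name, cert_fp=None, password=None):
        self.name, self.cert_fp = name, cert_fp
        self.salt = os.urandom(16)
        # password=None means the long-term password option is switched off
        self.pw_hash = hash_password(password, self.salt) if password else None

def authenticate(account, der_cert=None, query=None):
    """Return (status, meta) for one request to a protected path.

    der_cert: DER bytes of the client certificate from the TLS layer, if any.
    query: raw query string; after status 11 the client resends the URL
    with the typed input as its percent-encoded query, so do not log it.
    """
    if der_cert is not None:
        if account.cert_fp and hmac.compare_digest(fingerprint(der_cert), account.cert_fp):
            return SUCCESS, "text/gemini"
        return CERT_NOT_AUTHORISED, "Certificate not recognised"
    if account.pw_hash is None:
        return CERT_REQUIRED, "Client certificate required"
    if query is None:
        return SENSITIVE_INPUT, "Password"
    if hmac.compare_digest(hash_password(unquote(query), account.salt), account.pw_hash):
        return SUCCESS, "text/gemini"
    return SENSITIVE_INPUT, "Wrong password, try again"

# Constructed stand-in for certificate bytes; a real server reads them from the TLS session
CERT = b"constructed-der-bytes-for-illustration"

if __name__ == "__main__":
    alice = Account("alice", cert_fp=fingerprint(CERT), password="correct horse")
    print(authenticate(alice, der_cert=CERT))            # cert path
    print(authenticate(alice))                           # no cert: prompt for password
    print(authenticate(alice, query="correct%20horse"))  # password path
```

On a shared machine the password path leaves the secret in the request URL, so the capsule should keep query strings on protected paths out of its logs and the user should clear the client's history before leaving.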