Comment by π clseibold
Re: "Until the Misfin protocol is developed (I have found atβ¦"
@ps One more thing. In misfin, mailbox certificates actually don't need to be stored on the misfin server. You can crate a certificate signing request (CSR) to the misfin server on mailbox creation, and the private key of the mailbox cert never has to leave a person's local computer.
Nobody does it this way *because* there's no GUI misfin clients, lmao. So our "misfin clients" are implemented on the misfin server atm using a Gemini client (basically the equivalent of webmail, but for Gemini; e.g., skylab, or in my misfin-server, or @gemalaya's misfin server). These "Geminimail" misfin clients have to be able to send using a mailbox's private key, and so that's the only reason you would store your misfin mailbox private key on a misfin server.
Hopefully this makes sense.
π clseibold [π Code of Conduct rule 1 violations]
2025-06-27 Β· 10 months ago
Original Post
Until the Misfin protocol is developed (I have found at least three editions), I would like to raise the question about the TLS requirement for all connections. In short, the main point is described here: [gemini link] Personally, I'm using encrypted IPv6 mesh networks like Yggdrasil, and I really don't want any external TLS layer. Maybe it's time to care about now than later?)