Gemini Protocol Turns 5 Exactly 10 Days From Now, Let's Encrypt CA Falls to 7.3% as Over 90% of Capsules Sign Their Own Certificates
"I started and am the Benevolent Dictator of a collaborative effort to define a new internet protocol called Gemini, which explores the space in between gopher and the web. It's definitely a work in progress, but there is already content in Geminispace - check out my personal Gemini capsule!" -Solderpunk
With each month that passes we gleefully see Let's Encrypt falling further and further down in Geminispace or gemini://, an alternative to the Web. 4 months ago it was measured at 7.5% and now it says: "2502 (90.4 %) capsules are self-signed, 203 (7.3 %) use the Certificate Authority Let's Encrypt, 64 (2.3 %) are signed by another CA (may be not a trusted one)."
We've already explained our issues with Let's Encrypt and other CAs many times in the past, e.g. in 2020. Why do we use it for HTTPS and not for Gemini? Simple. Because more and more users choose to use (or be used by) a Web browser that, over time, treats anything not vouched for by a CA (i.e. "trust" outsourced*) as so hideous and dangerous that any access attempt should be denied (or made incredibly difficult). Each year it gets worse; the newer versions of each browser boil the frog further for HTTP-only sites and for sites that have a certificate which isn't outsourced, i.e. sites relying on trust on first use (TOFU), also called trust upon first use (TUFU).
Even though we still get the lion's share of traffic from HTTP/S (382646 hits on Sunday and 469647 this past Saturday), we sort of hope it'll just go away. With DRM, CAs, JavaScript bloat and a whole bunch of other problems on the Web, we'd like to see Gemini Protocol succeeding if not superseding much of the Web. Most things on the Web can be replaced by Gemini Protocol. Not all, but most...
Gemini Protocol officially turns 5 only 10 days from now. We'll write again near that time or at exactly that time. We are guessing that the founder (Solderpunk) will also write something long about Gemini Protocol prior to or on that date.
_____
* Don't fall for the CA hype - the same fake security doctrine as UEFI 'secure' boot, wherein physics or bit-flipping can 'brick' your machine or take down mission-critical servers.