search

JCLemme / misfin

The Misfin mail protocol
gemini://misfin.org/
Other
14 stars 0 forks source link

Criticism of Misfin #2

Open zzo38 opened 3 months ago

zzo38 commented 3 months ago

I wrote it here because I intend to be public rather than sending the message by private, and because it might be longer than 2048 bytes.

  1. The certificate does not have any way of identifying it as a Misfin certificate. It might be better to add an extension to indicate this instead of using the USER_ID and SUBJECT_ALT_NAME. To make up the ID of the extension, use the command uuid -FSIV (you may optionally add additional options such as -v4 if desired too). Prepend 2.25. before the resulting UUID number, and optionally append another . and further numbers after the UUID number.

  2. I do run my own email server at home, for receiving. I go through the ISP for sending. (This is not really a criticism of Misfin, but of the other stuff. I don't know if I could configure it to send directly to servers that want that if they do not want me to go through the ISP for sending, or how to know who wants that (possibly some kind of DNS record or a message header?).)

  3. I think the message limit is too small, but also it is unclear how to use Gemini formatting (which is allegedly allowed; it says text/gemini) if the message is terminated by a line break.

  4. You cannot specify the character set for the message; only Unicode is supported.

  5. I dislike the mandatory TLS of this and Gemini and other protocols; for simplicity and to save power sometimes you will want to not use TLS. However, in this case TLS is useful for the purpose to include the client certificate (as well as for encryption), but if you do not want a client certificate nor encryption then you could use like the older email without TLS.

  6. I don't like the way that the URL format is made. Usually the "user info" would be for the user name to log in, rather than for specifying the recipient.

  7. However, one part I do agree with, which is that mailbox management and relaying are out of band.

zzo38 commented 1 month ago

I think items 1 and 3 are being handled in Misfin(C), althoug the specification is currently incomplete.

jphastings commented 1 week ago

Where might we look at the misfin(C) prototype? I'm interested to see how it progresses!