Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]

To: Gopher Project Discussion <gopher-project@lists.alioth.debian.org>
Subject: Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
From: James Mills <prologic@shortcircuit.net.au>
Date: Sat, 11 Feb 2017 19:56:17 -0800
Message-id: <[🔎] CALGqR9J+BzycXGWOUwv5201VuOgoqHtWPgwKdJvZ4Sin25yGEQ@mail.gmail.com>
Reply-to: Gopher Project Discussion <gopher-project@lists.alioth.debian.org>
In-reply-to: <[🔎] 3F7A7C46-E1EA-4696-B1F3-77F06CFCD8A6@holviala.com>
References: <[🔎] 201702041011.v14ABcjk10813568@floodgap.com> <[🔎] F5C9CFB2-112C-4825-B9DE-DD51A9E44BED@holviala.com> <[🔎] CALGqR9LkhpKOMW93e5NoZ+jix1YKbpPyxYGWsO1gWik6MYSkvw@mail.gmail.com> <E1cadBY-00056I-4B@moszumanska.debian.org> <E1cadHt-0007NO-JQ@moszumanska.debian.org> <[🔎] CAJvjBNaXfEVYrvetsFjto8NR+SNP6y9AmX4YmphgK+7bZGRgkg@mail.gmail.com> <[🔎] ec09479b-a619-4c50-5e59-22350c8e9adb@r-36.net> <[🔎] BDC62F55-DDDE-4636-86AE-0FC6F66B3A96@holviala.com> <[🔎] 20170207221841.2b60d3cc@mindloop.net> <[🔎] 20170207-161809.907.0@Jaruzel.news.gmane.org> <[🔎] 3F7A7C46-E1EA-4696-B1F3-77F06CFCD8A6@holviala.com>

I feel like there is a way to support TLS from the server-side whilst remaining backwards compatible with non-TLS clients.

See: http://blog.fourthbit.com/2014/12/23/traffic-analysis-of-an-ssl-slash-tls-session

If there is in fact a way to detect that a client is attempting a TLS handshake or not and react accordingly from the server side (gophernicus, cgod, prologic/go-gopher, pygopherd, etc) then we can make this work just be using a well defined port: 73, 7070, something that we all agree on :)

cheers

James

James Mills / prologic

E: prologic@shortcircuit.net.au

W: prologic.shortcircuit.net.au

On Tue, Feb 7, 2017 at 8:24 AM, Kim Holviala <kim@holviala.com> wrote:

> On 07 Feb 2017, at 18:18, Jaruzel <jaruzel@jaruzel.com> wrote:
>
> In article <[🔎] 20170207221841.2b60d3cc@mindloop.net">20170207221841.2b60d3cc@mindloop.net>, driedfruit-pqpQE
> +7wlovk1uMJSBkQmQ@public.gmane.org says...
>> On Mon, 6 Feb 2017 14:40:00 +0200
>> Kim Holviala <kim@holviala.com> wrote:
>>
>>> 0About this project /about.txt gophernicus.org TLS:7070
>>>
>>> But I'm quite certain some clients completely break down when handed
>>> a menu like that.
>>
>> How about 7070:TLS, then? If they do something like atoi, without
>> any extra checks, could this work?
>>
>
> Wouldn't it be better to look at adding it as a Gopher+ extension?
> Gopher+ may be badly designed, but it is already a standard, and has been
> designed NOT to break classic Gopher only clients.

The offical Gopher+ client from UMN is so broken I had to detect it in the Gophernicus server code to make it work - dedicated code for just *one* client. If that's not "badly designed" I don't know what is.

- Kim

_______________________________________________
Gopher-Project mailing list
Gopher-Project@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project

_______________________________________________
Gopher-Project mailing list
Gopher-Project@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project

Reply to:

Follow-Ups:
- Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Adam Thompson <arthompson1990@gmail.com>

References:
- Re: [gopher] Gophernicus 2.4 "Millennium Edition" released
  - From: Cameron Kaiser <spectre@floodgap.com>
- Re: [gopher] Gophernicus 2.4 "Millennium Edition" released
  - From: Kim Holviala <kim@holviala.com>
- Re: [gopher] Gophernicus 2.4 "Millennium Edition" released
  - From: James Mills <prologic@shortcircuit.net.au>
- Re: [gopher] Gophernicus 2.4 "Millennium Edition" released
  - From: Wolfgang Faust <wolfgangmcq@gmail.com>
- [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Christoph Lohmann <20h@r-36.net>
- Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Kim Holviala <kim@holviala.com>
- Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Driedfruit <driedfruit@mindloop.net>
- Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Jaruzel <jaruzel@jaruzel.com>
- Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
  - From: Kim Holviala <kim@holviala.com>

Prev by Date: Re: [gopher] SiMpLe MaChInEs off-line
Next by Date: Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
Previous by thread: Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
Next by thread: Re: [gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
Index(es):
- Date
- Thread