[gopher] TLS situation in gopher [was: Re: Gophernicus 2.4 "Millennium Edition" released]
James Mills
prologic at shortcircuit.net.au
Sun Feb 12 03:56:17 UTC 2017
I feel like there is a way to support TLS from the server-side whilst
remaining backwards compatible with non-TLS clients.
See:
http://blog.fourthbit.com/2014/12/23/traffic-analysis-of-an-ssl-slash-tls-session
If there is in fact a way to detect that a client is attempting a TLS
handshake or not and react accordingly from the server side (gophernicus,
cgod, prologic/go-gopher, pygopherd, etc) then we can make this work just
be using a well defined port: 73, 7070, something that we all agree on :)
cheers
James
James Mills / prologic
E: prologic at shortcircuit.net.au
W: prologic.shortcircuit.net.au
On Tue, Feb 7, 2017 at 8:24 AM, Kim Holviala <kim at holviala.com> wrote:
>
> > On 07 Feb 2017, at 18:18, Jaruzel <jaruzel at jaruzel.com> wrote:
> >
> > In article <20170207221841.2b60d3cc at mindloop.net>, driedfruit-pqpQE
> > +7wlovk1uMJSBkQmQ at public.gmane.org says...
> >> On Mon, 6 Feb 2017 14:40:00 +0200
> >> Kim Holviala <kim at holviala.com> wrote:
> >>
> >>> 0About this project /about.txt gophernicus.org TLS:7070
> >>>
> >>> But I'm quite certain some clients completely break down when handed
> >>> a menu like that.
> >>
> >> How about 7070:TLS, then? If they do something like atoi, without
> >> any extra checks, could this work?
> >>
> >
> > Wouldn't it be better to look at adding it as a Gopher+ extension?
> > Gopher+ may be badly designed, but it is already a standard, and has been
> > designed NOT to break classic Gopher only clients.
>
> The offical Gopher+ client from UMN is so broken I had to detect it in the
> Gophernicus server code to make it work - dedicated code for just *one*
> client. If that's not "badly designed" I don't know what is.
>
>
>
> - Kim
> _______________________________________________
> Gopher-Project mailing list
> Gopher-Project at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/gopher-project/attachments/20170211/4a23fd24/attachment.html>
More information about the Gopher-Project
mailing list