[Oberon] SSL tunnel; was SMTP/SSH tunnel
peasthope at cablelan.net
Fri Mar 30 17:28:47 MEST 2007
Bill & others,
Sorry for all the questions and banter.
I want to solidify a few more ideas before
distinguishes two cases.
1. TLS-capable application. "... IETF recommended
that application protocols always start unsecured
and ... offer a way to upgrade to TLS ..."
2. TLS-ignorant application communicating through
a TLS tunnel.
As I understand, Oberon MUA falls into case 2.
At Mon, 26 Mar 2007 04:54:06 +0800 Bill Hacker wrote,
wh> By either:
wh> - Using the expected TLS ...
wh> *OR* ... await ONLY an arriving SSL session.
Both subcases of case 1 above? Oberon initiates
the tunnel; it can not wait for a SSL session.
I need to aim for case 2.
wh> 22 is indeed the SSH port, but that is for terminal session.
SSH.StartForwarding is in SSH which depends
on SSHTransport which defines SSHport = 22.
I found no other port in the modules.
wh> a) Specify which IP to listen on:
Doesn't the SSL daemon, rather than the
MTA, listen on the interface?
wh> b) ... ports ...
wh> b) ... certificate ...
wh> c) ... 'Offer' TLS to all, or ...
wh> d) ... keep state ...
All issues for the SSL daemon running the tunnel;
not for the MTA?
wh> e) ... accept AUTH ...
One of the more obscure aspects.
wh> See also POP and IMAP use of SSL.
In Oberon, POP and IMAP are ignorant of SSL.
If anyone knows of a link to a SSL tunnel
Howto it would help.
Thanks, ... Peter E.
More information about the Oberon