From: jim@tadpole.com
To: jpp@markv.com
Message Hash: 1dcd692b309a6f8b84e87ebe7c4bb21e7e88e537f0541dc8afef581c40527407
Message ID: <9307101007.AA22836@ono-sendai>
Reply To: N/A
UTC Datetime: 1993-07-10 10:08:23 UTC
Raw Date: Sat, 10 Jul 93 03:08:23 PDT
From: jim@tadpole.com
Date: Sat, 10 Jul 93 03:08:23 PDT
To: jpp@markv.com
Subject: Re: Secure comm program, Sockets + LINK
Message-ID: <9307101007.AA22836@ono-sendai>
MIME-Version: 1.0
Content-Type: text/plain
> Supose you opened up a socket on the local machine. And that you
> ran your usual telnet to connect to it. The program listening on the
> local socket would be responsible for running one end of a 'LINK' like
> secure protocol. It would connect to either the remote telnet socket,
> or a special purpose socket at the remote end. There either you can
> use a pipe to a pty (standard telnet -> login shell -> LINK -> pty),
> or in a special socket through LINK out the telnet socket. (There is
> an obvious extention with multiple hops through LINK-socket programs
> which should provide the same kind of anonymity that is provided by
> the CP remailers.)
This is the kind of thing which is just perfect for a streams-based
tty/networking environment. Create a streams module that implements
Link and DH key excng. Push it on your tty stream at both ends. Works
over modems, telnet/rlogin, what-have-you. A similar module could be
created to sit below the IP module in SVRx-based Un*xes.
> It is also likely to be obsoleted as soon as secure-ip gets out.
And once the vendors for both endpoints update to it. Could be a while.
> Infact it would be nice to see some socket (perhaps 32?) become the
> standard for the secure telnet service.
I think it would be much better to develop something that will work with
the current port numbers, else we stand a good chance of asking for a 'new'
secure port foreach well-known service. (Secure SMTP, Secure ftp-cmd, secure
ftp-data,...)
Jim
Return to July 1993
Return to “jpp@markv.com”