From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Thu, 28 Jul 2011 08:00:09 +0200
From: David du Colombier <0intro@gmail.com>
To: 9fans@9fans.net
Message-ID: <20110728080009.25749f47@zinc.9fans.fr>
In-Reply-To: <CAL4LZyiuZjc1MipCpG8uVMKc53Oj0aeyJV7jqzCfVhv7f5qeaQ@mail.gmail.com>
References: <CAL4LZyjcj++m_mkubcQv-OuCotP45MK+EaHj+bX7Vkj6ou+BMg@mail.gmail.com>
	<alpine.OSX.2.00.1107271648280.540@haldir.orthanc.ca>
	<8a5dc7a6b3c1d2b8c8b2b401551c094d@ladd.quanstro.net>
	<CAL4LZyiuZjc1MipCpG8uVMKc53Oj0aeyJV7jqzCfVhv7f5qeaQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] encrypting 9P traffic
Topicbox-Message-UUID: 07ba2be2-ead7-11e9-9d60-3106f5b1d025

> Import defaults to unencrypted, at least for me. Import and srv
> *should* default to TLS but it's not implemented. SSL is implemented
> for import but it's not the default.

Yes, but like you said earlier, it's SSLv2, not SSLv3.

However, pushtls is here (even if not used anywhere) and it's
easy to implement it.
I recently added TLS support in exportfs, import and cpu, but
it's not finished yet.

The main difference between tlssrvtunnel and import is that
tlssrvtunnel is using the TLS handshake protocol, while import
is using a custom handshake protocol, without certificate handling.

So it depends on what you want.

--
David du Colombier