From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <77158a75ac9ee53bb9de3e5763b11f16@collyer.net> To: micah@stetsonnet.org, 9fans@cse.psu.edu Subject: Re: [9fans] Secure ftp Again Date: Sun, 3 Apr 2005 21:32:19 -0700 From: geoff@collyer.net In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-sxgbtdffsdtsbvhzaagjfuxqgb" Cc: Topicbox-Message-UUID: 327844b0-ead0-11e9-9d60-3106f5b1d025 This is a multi-part message in MIME format. --upas-sxgbtdffsdtsbvhzaagjfuxqgb Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Avoiding this was sort of thing was surely part of the motivation for IPsec, but presotto points out (I hope I'm not misrepresenting him) that implementing IPsec, at least in the kernel, is messy, requiring lots of state and the ability to interrupt and restart cryptographic computations at awkward times. I've wondered off and on if it might be feasible and cleaner in a user-mode file server. tcpmux (rfc 1078) looks easier in user-land. --upas-sxgbtdffsdtsbvhzaagjfuxqgb Content-Type: message/rfc822 Content-Disposition: inline Received: from collyer.net ([216.240.55.164]) by collyer.net; Sun Apr 3 20:02:13 PDT 2005 Received: from mail.cse.psu.edu ([130.203.4.6]) by collyer.net; Sun Apr 3 20:02:12 PDT 2005 Received: from psuvax1.cse.psu.edu (localhost [127.0.0.1]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 1E71E18257 for ; Sun, 3 Apr 2005 23:02:07 -0400 (EDT) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: from localhost (localhost [127.0.0.1]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 2539A1818C for <9fans@cse.psu.edu>; Sun, 3 Apr 2005 23:01:33 -0400 (EDT) Received: from mail.cse.psu.edu ([127.0.0.1]) by localhost (psuvax1 [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 28554-02-40 for <9fans@cse.psu.edu>; Sun, 3 Apr 2005 23:01:32 -0400 (EDT) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.194]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id C7AE518193 for <9fans@cse.psu.edu>; Sun, 3 Apr 2005 23:01:31 -0400 (EDT) Received: by wproxy.gmail.com with SMTP id 69so1351825wri for <9fans@cse.psu.edu>; Sun, 03 Apr 2005 20:01:31 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=XQa8rU6jIw1Q5hy/qwyKpe+dGl6AOD4QHISpjawOjkibLFynStcFL+ZWOompqdVTDws57uRJWKkRTtWhA2wY2K3pZjpYsD4yODG6uaPCMLT9CKlGxb7QsUO/GAvdKRD3A5hBi4sMXOQk5Jh3pvgON4aGuIsvVPaJzDSZd0kZjq8= Received: by 10.54.43.51 with SMTP id q51mr120859wrq; Sun, 03 Apr 2005 20:01:30 -0700 (PDT) Received: by 10.54.39.47 with HTTP; Sun, 3 Apr 2005 20:01:30 -0700 (PDT) Message-ID: Date: Sun, 3 Apr 2005 20:01:30 -0700 From: Micah Stetson To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Subject: Re: [9fans] Secure ftp Again In-Reply-To: <67CB8264D4E6B1F8F444DEA6@peregrin.orthanc.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <186925c4b8718cb5e5e1ce8747f78ce2@collyer.net> <67CB8264D4E6B1F8F444DEA6@peregrin.orthanc.ca> X-Virus-Scanned: by amavisd-new at cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.1.5 Precedence: list Reply-To: micah@stetsonnet.org, Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: 9fans-bounces+geoff.9fans=collyer.net@cse.psu.edu Errors-To: 9fans-bounces+geoff.9fans=collyer.net@cse.psu.edu > But the trend is towards negotiating TLS after chatting over the > connection a bit. IMAP, SMTP, and POP all have a separate command to Let's implement Transport Layer Security inside all our application layer protocols! Micah --upas-sxgbtdffsdtsbvhzaagjfuxqgb--