Secure INN

Jeffrey M. Vinocur jeff at litech.org
Mon Sep 10 22:34:21 UTC 2001


On Mon, 10 Sep 2001, Wim Lewis wrote:

> What are the disadvantages of stunnel?
>
> As far as I can tell, snews is just plain nntp carried over SSL/TLS;
> there's no other modification to the protocol.

Correct.


> Using a simple external SSL implementation like stunnel seems
> architecturally cleaner than building it into innd, nnrpd, etc.

With stunnel & friends, all connections appear to be coming from
localhost, so you lose the ability to authenticate based on source IP.


-- 
Jeffrey M. Vinocur
jeff at litech.org



More information about the inn-workers mailing list