NNTPS pointers
Julien ÉLIE
julien at trigofacile.com
Tue Oct 19 21:36:39 UTC 2021
Hi Grant,
>> AFAICS there's no support for this in innd as it stands today - only
>> nnrpd knows about TLS.
>
> ~grump~
>
> Okay. That would be why I couldn't find anything. :-/
Yep!
Usually, either IPsec or stunnel with TCP wrappers is used for innd.
> So ... how about STARTTLS support on port 119?
Note that STARTTLS is now discouraged because of possible
man-in-the-middle attacks. Implementations SHOULD use implicit TLS on
port 563 (see RFC 8143).
It is tricky to implement in innd, with its channels...
Same thing for COMPRESS, which would be useful to have in transit mode.
Patch welcome of course :-)
--
Julien ÉLIE
« Il est difficile de discuter avec des gens qui ne peuvent pas entendre
et qui ne veulent pas entendre. » (Julius Welhausen)
More information about the inn-workers
mailing list