[gopher] Adding TLS and/or SSL support to Gopher
Kevin Veroneau
kevin at veroneau.net
Thu Apr 23 22:08:26 UTC 2015
I can help out with creating a client and server proxy for this. However I'm not sure how this will work. Here are my key concerns:
The Gopher protocol doesn't natively support proxy servers. So, connecting to localhost can only tunnel to a single remote gopher server...
Rewritting of gopher menus to change both the host and port will also be needed.
As a result, I don't think creating a TLS proxy would be feasible, let alone tunneling through an SSH or SSL tunnel.
The major issue with the gopher protocol is it's menus provide a host and port. While this is also a huge benefit to the protocol, it's also a hurdle when it comes to proxying the protocol itself. Thankfully the menus are easily parsable.
On April 23, 2015 3:00:27 PM MDT, James Mills <prologic at shortcircuit.net.au> wrote:
>I actually quite like this idea to start with :)
>
>cheers
>James
>
>
>James Mills / prologic
>
>E: prologic at shortcircuit.net.au
>W: prologic.shortcircuit.net.au
>
>On Fri, Apr 24, 2015 at 5:18 AM, <simple at sdf.org> wrote:
>
>> New thread for an important topic :)
>>
>> Looking in my OS's /etc/services file it appears there are several
>> available ports in the 700-799 range:
>>
>> # 703 Unassigned
>> # 708 Unassigned
>> # 717-728 Unassigned
>> # 703 Unassigned
>> # 708 Unassigned
>> # 717-728 Unassigned
>> # 732-740 Unassigned
>> # 743 Unassigned
>> # 745-746 Unassigned
>> # 755-756 Unassigned
>> # 766 Unassigned
>> # 768 Unassigned
>> # 778-779 Unassigned
>> # 781-785 Unassigned
>> # 786 Unassigned
>> # 787 Unassigned
>> # 788-799 Unassigned
>>
>> As for implementation of the concept, I feel it should be done in a
>way
>> that doesn't shut out existing gopher clients/servers.
>>
>> Perhaps adopting some sort of external client+server proxy model
>would be
>> the best starting point such that, for example, someone with a
>lynx(1)
>> browser could install a "secure_gopher" proxy on their computer such
>that
>> their now local port 70 requests are SSL-wrapped and sent on to a
>> corresponding "secure_gopher" proxy server listening on the new
>gopherS
>> TLS encrypted port (785 maybe?). Probably it's already doable using
>> opensshd and SOCKS, just need to pick a port.
>>
>> The above approach would not preclude others from basically
>incorporating
>> the proxy model into their new clients and servers for an all-in-one
>> solution.
>>
>> For making it officially part of Gopher World I think it means a new
>RFC
>> for "secure gopher" or at least adding the spec to the existing
>gopher
>> RFC; I don't know which would be easier.
>>
>> Jeff / gopher://jgw.mdns.org
>>
>> _______________________________________________
>> Gopher-Project mailing list
>> Gopher-Project at lists.alioth.debian.org
>>
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
>>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Gopher-Project mailing list
>Gopher-Project at lists.alioth.debian.org
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/gopher-project/attachments/20150423/a6aba4c5/attachment.html>
More information about the Gopher-Project
mailing list