09-18-2012, 10:39 AM
Ivan Shmakov
Subject: accessing TLS/SSL services, including snews://

>>>>> John F Morse <john@example.invalid> writes:

[Cross-posting to news:comp.security.misc and
news:comp.protocols.misc, just in case. Please omit the latter
when replying, unless the intent is to discuss the Telnet
protocol.]

[...]

> The OP simply asked "how to post from the command line" and I
> provided one solution: telnet.


May I remind you that the Telnet protocol has its own control
sequences, and may be unsuitable for, e. g., transferring
arbitrary binary data? Arguably, a Netcat tool, such as nc6(1),
or OpenBSD nc(1), would be a better fit.

(For that reason, the hosts under my control rarely provide the
telnet(1) client.)

> You provided another: openssl.


Let me provide the third: gnutls-cli(1). Consider, e. g. (line
wrapping by me), the following session.

$ gnutls-cli -p 563 news.panix.com
Resolving 'news.panix.com'...
Connecting to '166.84.1.69:563'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
- subject `C=US,ST=NY,L=New_York,
O=PANIX Public Access Networks Usenet News Servers,OU=news,
CN=news.panix.com,EMAIL=staff@panix.com',
issuer `C=US,ST=NY,L=New_York,
O=PANIX Public Access Networks Usenet News Servers,OU=news,
CN=PANIX Public Access Networks Usenet News Servers CA,
EMAIL=staff@panix.com',

[... Arguably, they should use a certificate signed by a
recognized trusted party, such as, e. g., https://cacert.org/.]

RSA key 2048 bits, signed using RSA-SHA,
activated `2012-01-20 19:20:16 UTC',
expires `2022-01-17 19:20:16 UTC',
SHA-1 fingerprint `e588294d02985ea671e2c2a7e84f23c524b755bc'
- The hostname in the certificate matches 'news.panix.com'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

- Simple Client Mode:

200 reader1.panix.com InterNetNews NNRP server INN 2.3.3 ready (posting ok).
QUIT
205 .
- Peer has closed the GNUTLS connection
$

> I realize the Subject includes "snews" and telnet is not usable for
> SSL/TLS without a helper, like Stunnel.


I still don't get how using two TCP connections (Netcat or
Telnet to Stunnel, and Stunnel to TLS/SSL server) could be
better than using a single one (openssl or gnutls-cli to TLS/SSL
server.)

[...]

--
FSF associate member #7257
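
To illustrate the post's remark that Telnet control sequences make the protocol unsuitable for arbitrary binary data, here is an added example (not part of the original post): a small Python model of how a Telnet receiver treats the IAC byte (0xFF) under RFC 854. The function names and the sample payload are constructed for illustration.

```python
# Added example: receive-side Telnet framing per RFC 854 (IAC handling only;
# NVT CR/NUL rules are not modelled). Names and sample data are constructed.
IAC, SE, SB = 0xFF, 0xF0, 0xFA
NEGOTIATE = (0xFB, 0xFC, 0xFD, 0xFE)  # WILL, WONT, DO, DONT

def telnet_receive(stream: bytes) -> bytes:
    """Return the application data a Telnet endpoint would deliver."""
    out = bytearray()
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b != IAC:
            out.append(b)
            i += 1
        elif i + 1 >= n:
            break                      # dangling IAC at end of buffer
        elif stream[i + 1] == IAC:
            out.append(0xFF)           # IAC IAC escapes a literal 0xFF
            i += 2
        elif stream[i + 1] in NEGOTIATE:
            i += 3                     # command plus one option byte
        elif stream[i + 1] == SB:
            i += 2                     # skip subnegotiation up to IAC SE
            while i < n and stream[i:i + 2] != bytes([IAC, SE]):
                i += 2 if stream[i] == IAC else 1
            i += 2
        else:
            i += 2                     # other two-byte command (NOP, IP, ...)
    return bytes(out)

def telnet_escape(data: bytes) -> bytes:
    """Sender-side escaping: double every 0xFF so it survives the filter."""
    return data.replace(b"\xff", b"\xff\xff")

# Constructed binary payload that happens to contain 0xFF bytes.
PAYLOAD = b"\x89BIN\xff\xfb\x01data\xff\xf4tail\xff\xffend"

if __name__ == "__main__":
    print("sent     :", PAYLOAD.hex())
    print("delivered:", telnet_receive(PAYLOAD).hex())
    print("escaped round trip intact:",
          telnet_receive(telnet_escape(PAYLOAD)) == PAYLOAD)
```

A peer that does not speak Telnet sends 0xFF unescaped, so the receiver silently drops or reinterprets bytes; a raw TCP or TLS client passes them through unchanged.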
