At 12:09 14/12/00 +1100, [EMAIL PROTECTED] wrote:
>To all,
>
>I have been informed that you can conduct a number of different sessions
>(HTTP, Telnet, FTP) over the top of SSL. I am aware of how to implement
>HTTP/S on a web server, but how is this done using FTP?
in the same way as for HTTP! modify the application:)
there are implementations for telnet and ftp, and even smtp over ssl.
however, SSL is being replaced by TLS, so new implementations will
probably be TLS-aware. at least, let's hope!
even that old man called sendmail now supports tls...
> I'm assuming it is
>done in the same vain as IPSec by establishing a secure tunnel.
no, SSL is not even at the socket layer. it is at the application layer.
I mean by that that it is a way to nenogiacte a session and use the
negociated material to encrypt/sign data. but both nego and data mgmt
require the application to handle'em. that is, your read() adn write() will
talk SSL. with IPSec, the IP stack can do it without the application's help.
>I have been looking around to verify this information and if anyone could
>help out to either prove or disprove this it would be much appreciated. If
>anyone has done it could they please let me know off the list.
think of SSL (and TLS) as a library that can be used to sign/encrypt
communication
channels. but one still needs to use the library functions for that.
regards,
mouss
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
