Subj : Re: binkp TLS
To   : Oli
From : Wilfred van Velzen
Date : Sat Dec 14 2019 12:13 am

Hi Oli,

On 2019-12-13 22:03:43, you wrote to Tommi Koivula:

 TK>> === Cut ===
 TK>> node 2:221/6 -pipe "openssl s_client -quiet -alpn binkp -connect
 TK>> news.fidonet.fi:24567" *
 TK>> === Cut ===

 Ol> alternatice command is

 Ol> node 2:221/6 -pipe "ncat --ssl-alpn binkp *H *I" news.fidonet.fi:24567

 Ol> The alpn stuff is only needed if the server demands it (e.g when running
 Ol> webserver, xmpp server, binkp on port 443).

My version of ncat and openssl don't know about -alpn. Maybe my linux is too 
old?

And I think it's better to use --ssl-verify with ncat.

 Ol> I wonder, if we should directly jump to QUIC instead of implementing
 Ol> TLS over TCP?

It's probably too new. And not supported yet on a lot of systems? How do you 
check anyway? ;)

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
 * Origin: FMail development HQ (2:280/464)

.