Requesting a common encrypted port number for hobbit client/server
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
I am using port 1999 for my testing purpose for now.
T.J. Yang
T.J.,
I second this idea. I think it would be a great benefit to the Hobbit community. About 6 or 7 years ago, a guy I was working with helped develop a monitoring system for our employer at the time using BB Pro and Cisco Pix FW/Routers so that we could keep client monitoring traffic encrypted, while utilizing the internet to send info to our NOC. It was a rather elegant solution to the clear text problem. As a result of his work the Quest folks added the encryption feature in the Pro version shortly thereafter.
David
-----Original Message----- From: T.J. Yang [mailto:tj_yang at hotmail.com] Sent: Sunday, August 19, 2007 9:41 AM To: hobbit at hswn.dk Subject: [hobbit] Requesting a common encrypted port number for hobbit client/server
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
I am using port 1999 for my testing purpose for now.
T.J. Yang
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
From: "T.J. Yang" <tj_yang at hotmail.com> To: <hobbit at hswn.dk> Sent: Sunday, August 19, 2007 3:40 PM Subject: [hobbit] Requesting a common encrypted port number for hobbit client/server
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
Have a look at http://www.iana.org/assignments/port-numbers
Regards Lars Ebeling
see below,
From: "Lars Ebeling" <lars.ebeling at leopg9.no-ip.org> Reply-To: hobbit at hswn.dk To: <hobbit at hswn.dk> Subject: Re: [hobbit] Requesting a common encrypted port number for hobbit client/server Date: Mon, 20 Aug 2007 19:37:00 +0200
From: "T.J. Yang" <tj_yang at hotmail.com> To: <hobbit at hswn.dk> Sent: Sunday, August 19, 2007 3:40 PM Subject: [hobbit] Requesting a common encrypted port number for hobbit client/server
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
Have a look at http://www.iana.org/assignments/port-numbers
Should we have Henrik do the honor of requesting one ?
http://www.iana.org/cgi-bin/usr-port-number.pl
tj
Regards Lars Ebeling
On Sun, Aug 19, 2007 at 08:40:38AM -0500, T.J. Yang wrote:
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I don't think this is necessary, and I'm not even sure such an application will be accepted.
The current trend for protocols that operate with both plain-text and encrypted traffic is to start with an un-encrypted connection, and then use a "STARTTLS" command to turn on encryption. The two sides can then negotiate if they can/will communicate.
Since this appears to be the method preferred by the Internet authorities, that's the one I've thought about implementing. That shouldn't stop you from using stunnel, though.
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
It's handled by IANA. You request it through http://www.iana.org/cgi-bin/usr-port-number.pl
Regards, Henrik
The current trend for protocols that operate with both plain-text and encrypted traffic is to start with an un-encrypted connection, and then use a "STARTTLS" command to turn on encryption. The two sides can then negotiate if they can/will communicate.
I thought I saw something of bb could send msg to hobbit server through https. Now I cannot find it anywhere.
-- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
From: henrik at hswn.dk (Henrik Stoerner) Reply-To: hobbit at hswn.dk To: hobbit at hswn.dk Subject: Re: [hobbit] Requesting a common encrypted port number for hobbit client/server Date: Mon, 20 Aug 2007 22:47:57 +0200
On Sun, Aug 19, 2007 at 08:40:38AM -0500, T.J. Yang wrote:
Just an idea, port 1984 over the years got recognized by some kind of Internet organization as default port for bb client/server communication port.
Should we (hobbit community) pursue a common port number for hobbit client/server encrypted communication?
I don't think this is necessary, and I'm not even sure such an application will be accepted.
The current trend for protocols that operate with both plain-text and encrypted traffic is to start with an un-encrypted connection, and then use a "STARTTLS" command to turn on encryption. The two sides can then negotiate if they can/will communicate.
Since this appears to be the method preferred by the Internet authorities, that's the one I've thought about implementing. That shouldn't stop you from using stunnel, though.
If hb encryption via stunnel is implemented then a port for plaintext redirection is needed. Thus the idea of requesting a non-taken port (from IANA) for hobbit encrypted message.
For my understanding, BB Pro can do message encryption already and looks like they are using port 1984 also.
What is the impact of mixing bb encrypted message and hb encrypted message protocols on the same port number? And I don't believe Quest publishes the bb message encryption protocol.
I think getting a port for hobbit itself is still good in the long run.
I see the need but don't know how to get this done. Which port number to use? Who (which entity) to ask?
It's handled by IANA. You request it through http://www.iana.org/cgi-bin/usr-port-number.pl
Regards, Henrik
On Tue, Aug 21, 2007 at 04:36:46AM -0500, T.J. Yang wrote:
If hb encryption via stunnel is implemented then a port for plaintext redirection is needed.
No, you need to configure your clients to use the encrypted port. Or do some firewall redirecting of the traffic to the encrypted service.
What is the impact of mixing bb encrypted message and hb encrypted message protocols on the same port number? And I don't believe Quest publishes the bb message encryption protocol.
I have no idea how Quest implements encryption in the commercial BB version. Most likely the Hobbit and BB encryption mechanisms will not be compatible - I don't see this as a problem, Hobbit clients have never been compatible with BB. The mechanism I see for Hobbit is like this:
    CLIENT                      SERVER

    Connect to server           Accept connection
    Send "STARTTLS\n"           Send "OK\n"
    Perform TLS handshake       Perform TLS handshake
    (Validate server cert)      (Validate client cert)
    Exchange data               Exchange data
Which is similar to how quite a few of the standard Internet protocols implement a "TLS upgrade" of the communication.
The certificate validation is optional, but quite trivial to implement. So this will also allow for fine-grained control over who can feed data into Hobbit.
Regarding the request for a dedicated port number: The problem is that I really do not believe IANA would be willing to assign a port number for Hobbit - it would be against their stated policy of not assigning different port numbers for the plain-text and encrypted versions of an application-layer protocol. Since BB already has a port number assignment, getting a new one for Hobbit doesn't seem likely.
Henrik
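The STARTTLS exchange outlined in the message above, sketched in Python as an added example; it is not code from Hobbit or from anyone in the thread. The function names, the "ERR\n" refusal reply and the require_tls policy flag are assumptions made for illustration; with require_tls set, the client fails closed on any reply other than "OK\n" instead of silently continuing in plain text.

```python
import socket
import ssl
import threading

class UpgradeError(Exception):
    """TLS upgrade failed and policy forbids continuing in plain text."""

def read_line(sock, limit=64):
    # Read byte by byte so nothing sent after the reply is consumed pre-TLS.
    buf = b""
    while not buf.endswith(b"\n"):
        chunk = sock.recv(1)
        if not chunk or len(buf) >= limit:
            raise UpgradeError("closed or oversized line before TLS")
        buf += chunk
    return buf

def client_starttls(sock, wrap, require_tls=True):
    """Client side of the exchange; returns (channel, encrypted)."""
    sock.sendall(b"STARTTLS\n")
    reply = read_line(sock)
    if reply == b"OK\n":
        return wrap(sock), True   # TLS handshake runs inside wrap()
    if require_tls:
        raise UpgradeError(f"server did not offer TLS: {reply!r}")
    return sock, False            # plain text only by explicit opt-in

def server_accept(sock, wrap, tls_enabled=True):
    if read_line(sock) == b"STARTTLS\n" and tls_enabled:
        sock.sendall(b"OK\n")
        return wrap(sock), True
    sock.sendall(b"ERR\n")        # assumed refusal reply, not from the thread
    return sock, False

def make_client_wrap(cafile, server_name):
    ctx = ssl.create_default_context(cafile=cafile)  # checks cert and name
    return lambda s: ctx.wrap_socket(s, server_hostname=server_name)

def demo(server_tls_enabled, require_tls):
    a, b = socket.socketpair()    # stand-in wrap below, so no certs needed
    out, same = {}, (lambda s: s)
    srv = threading.Thread(target=lambda: out.update(
        server=server_accept(b, same, server_tls_enabled)[1]))
    srv.start()
    try:
        out["client"] = client_starttls(a, same, require_tls)[1]
    except UpgradeError:
        out["client"] = "refused"
    srv.join(); a.close(); b.close()
    return out
```

In real use the wrap argument would come from make_client_wrap() on the client and from an ssl.SSLContext configured with the server's certificate on the server side; demo() substitutes a pass-through so the negotiation logic runs without certificates.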
participants (5)
- david@stenhouseconsulting.com
- henrik@hswn.dk
- lars.ebeling@leopg9.no-ip.org
- tj_yang@hotmail.com
- vadud3@gmail.com