 |
allaryin
Newbie
Joined: 09 Mar 2005
Posts: 6
Location: Tucson, AZ
|
 Posted: Wed Mar 09, 2005 8:40 pm
TLS/SSL Support?
|
What are the odds of zMUD ever supporting secure connections? The LDMud driver offers support for this, I am not involved in the development of other mud platforms (Diku, MudOS, etc...) so I don't know what their support is like.
But in my investigations, I have only found two mud clients that support tls connections, and the only good one is TinyFugue.
If zMUD added this feature... well... market share... ripple effect, etc... you get the idea. It'd be a good thing for society. |
|
|
|
|
MattLofton
GURU
Joined: 23 Dec 2000
Posts: 4834
Location: USA
|
Posted: Thu Mar 10, 2005 1:28 am
|
What are TLS and SSL? Are they related/a part of SSH? Zugg said some time in the past that he was going to offer support for the last, but because of legal/copyright and other issues it was going to be way too much of a hassle. If these protocols are as open as, say, TCP/IP, maybe he might consider it.
|
|
_________________
EDIT: I didn't like my old signature |
 |
|
|
allaryin
Newbie
Joined: 09 Mar 2005
Posts: 6
Location: Tucson, AZ
|
Posted: Thu Mar 10, 2005 7:18 pm
|
Yes, they are public standards. They are a part of SSH, https, etc... they are what makes it secure.
TLS 1.0 is RFC 2246. And as an overly simplified explanation, SSL is just Netscape's word for TLS. The protocol was standardized in '99 by a group of people from Netscape, IBM, Microsoft, and other places. At 80 pages long, it is big but not terribly big as far as protocol specifications go - The HTTP spec is twice as long.
They stand for Secure Sockets Layer and Transfer Layer Security and are basically ways in which to negotiate encrypted communications. There are numerous different ciphers that are selected from when making a secure connection, and an application may choose which ciphers to support (but it is probably a good idea to support more than one or two).
The most popular open source implementation of these protocols is OpenSSL. There are a lot of good resources on their site. |
|
Last edited by allaryin on Thu Mar 10, 2005 7:25 pm; edited 2 times in total |
|
|
|
allaryin
Newbie
Joined: 09 Mar 2005
Posts: 6
Location: Tucson, AZ
|
Posted: Thu Mar 10, 2005 7:22 pm
|
<ignore this>
|
|
|
|
|
Zugg
MASTER
Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA
|
Posted: Fri Mar 11, 2005 6:17 am
|
The proper protocol to implement for secure MUD connections is actually SSH. It's the basically the secure version of Telnet. You can run zMUD within an SSH wrapper program. zMUD itself doesn't have to be changed to use SSH or SSL. You just need to run a wrapper program that intercepts the normal network traffic and handles the encryption both directions. Search this forum for SSH and you'll find more details on how to set this up.
I cannot built SSL directly into zMUD. It would make it impossible to export zMUD outside the US. OpenSSL is a possibility, and I hope to learn more about it when I add SSL options to eMobius. Before OpenSSL, there were many other licensing problems with SSL. Free programs, like MUD servers, free MUD clients, etc, don't have these limitations and often don't worry about what needs to be licensed or what export restrictions there are. But as a commercial product, I have to worry about this kind of stuff with zMUD I'm afraid. |
|
|
|
|
allaryin
Newbie
Joined: 09 Mar 2005
Posts: 6
Location: Tucson, AZ
|
Posted: Fri Mar 11, 2005 9:24 am
|
You can only tunnel zMUD through SSH if the mud server has an SSH daemon running that allows you to connect - no SSH client I know of allows for the sort of connection required to talk to a mud correctly (ie, supporting the mud's internal authentication methods after opening an unauthenticated secure channel).
*grin* Isn't it funny that by making something commercial, you are suddenly required to offer an inferior product? :)
As far as exportation of encryption technology, I understand that there are laws against doing so outside of the US, EU, Canada, Australia, Japan and a few other countries. How many of your clients are actually outside of this area?
It looks like the official policy and instructions on how to jump through requisite hoops are published at http://www.bxa.doc.gov/Encryption.
Also, as it is something more optional (at present), why couldn't you make it an optional feature? I understand that there is a hassle in maintaining two separate versions of the program, but that's a small price to pay for offering a better product for those of your customers who live in the vast majority of the world.
Oh, and one last thing, it looks like the PennMUSH codebase also supports SSL. Support is growing on the server side, it'd be a shame if this was the last high quality client to implement this feature, ne?
(And for the record, I'm not bagging on the program. I have been faithfully using zMUD on my windows machines since '96 - it was the first shareware program I ever registered - I just hope that it is willing to grow with the future and continue to be the product appropriate for my needs.) |
|
|
|
|
allaryin
Newbie
Joined: 09 Mar 2005
Posts: 6
Location: Tucson, AZ
|
|
|
|
|
Kiasyn
Apprentice
Joined: 05 Dec 2004
Posts: 196
Location: New Zealand
|
Posted: Sun Mar 13, 2005 12:16 am
|
i'm outside of this area! 
|
|
|
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
