Re: TCP gateway?

Rocke Verser (rcv@dopey.verser.frii.com)
Sat, 29 Mar 1997 22:36:54 -0700


> Congrats to Karl for having the first "real" post to the new list :-)

Ditto! And thanks to Matt for setting up this list! :-)

> >>>>> "Karl" == Karl J Runge <runge@crl.com> writes:
>
> Karl> Short of this could somebody tell me the UDP port number the
> Karl> client uses?
>
> 8669

Correct for version 0.214 clients. Just for the record, about 5%
of the keyspace is still being searched by older clients, which use
a different port number, talk to a different (but coordinated)
keyserver, and use an incompatible protocol.

> Karl> I don't want to, but I might be able to rig up
> Karl> some perl scripts on both sides of my connection transmitting
> Karl> the UDP information.

Such a thing would really not be very difficult, Karl. [I just don't
have the time.] The protocol, as seen by the gateways, is mighty simple:
The client sends 1 packet to the server. The server sends 1 packet back
to the client. The transaction is over.

To increase fault-tolerance, if no response is received, the client
retries at increasingly lengthy intervals, much like the old RC-5/48
clients did.

Is there no shareware (or commercial package) that already exists that
can encapsulate (and unencapsulate) UDP packets inside TCP packets?

> There are actually a number of things that I'd like to see done, in
> order to increase the number of clients we can get running.
>
> [snip -- see Matt's post]
>
> --
> Matt Curtin Chief Scientist Megasoft, Inc. cmcurtin@research.megasoft.com

Matt, I agree with most of your ideas.

No offense intended to the RC5-48 crew, but I'm happy to be testing
keys while we begin debate about such extensions. :-)

There are a lot of CPU cycles available outside the USA, so here are
3 more wild ideas that I don't have time to follow up on:

Is there any lawyer-type-person, EXPERIENCED WITH CRYPTO EXPORT, who would
care to see if the clients can be exported without a license? The object
code does not perform encryption or decryption per se (it takes one 8-byte
block of known plaintext and one 8-byte block of known ciphertext and
attempts to find the correct key). But the function does not quite fit
any of the exemptions explicit in the new EAR regulations, either.
DO NOT THINK THIS TASK IS EASY! Read some of the [horror] stories at
the EFF Web Site.

Is there a reputable publisher, who would care to publish the source
code? I seriously doubt any publisher's time-frame is compatible with
this project. It's just an idea. [Didn't MIT Press publish the PGP
Source Code?]

Would anybody outside the USA/Canada care to adapt their own code to
use the DESCHALL protocol? Understand that US Export Law would make
this a very frustrating process, with many one-sided conversations.
Once done, however, nothing prevents the DESCHALL server from passing
keys out around the world.

Cheers!

-- Rocke
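
One way to carry the one-packet-out, one-packet-back exchange described above across a TCP connection, as an added example that is not part of the original post and not DESCHALL code. The 2-byte length-prefix framing, the names `frame`, `Deframer` and `relay_one`, and the `keyserver_addr` parameter (a host and UDP port pair supplied by the operator) are assumptions made for illustration.

```python
import socket
import struct

MAX_DATAGRAM = 65507          # largest UDP payload over IPv4
HEADER = struct.Struct("!H")  # assumed framing: 2-byte big-endian length prefix

def frame(datagram):
    """Wrap one UDP payload so its boundary survives the TCP byte stream."""
    if len(datagram) > MAX_DATAGRAM:
        raise ValueError("datagram too large to frame")
    return HEADER.pack(len(datagram)) + datagram

class Deframer:
    """Rebuilds datagrams from TCP reads, which may split or merge frames."""
    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        self._buf += chunk
        out = []
        while len(self._buf) >= HEADER.size:
            (length,) = HEADER.unpack_from(self._buf)
            if length > MAX_DATAGRAM:
                raise ValueError("peer sent an oversized frame")
            end = HEADER.size + length
            if len(self._buf) < end:
                break  # wait for the rest of this frame
            out.append(bytes(self._buf[HEADER.size:end]))
            del self._buf[:end]
        return out

def relay_one(tcp_conn, keyserver_addr, timeout=10.0):
    """Far-side gateway: one request in over TCP, one reply back out."""
    deframer, requests = Deframer(), []
    while not requests:
        chunk = tcp_conn.recv(4096)
        if not chunk:
            return False  # TCP peer closed before a full frame arrived
        requests = deframer.feed(chunk)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.connect(keyserver_addr)  # kernel drops replies from other sources
        udp.send(requests[0])
        try:
            reply = udp.recv(MAX_DATAGRAM)
        except OSError:
            return False  # no reply; the client retries on its own schedule
    tcp_conn.sendall(frame(reply))
    return True
```

The near-side gateway is the mirror image: it receives the client's UDP packet, sends `frame(packet)` over TCP, and feeds what comes back through a `Deframer` before returning the reply to the client.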