> And don't give me some crap about firewalls, because email and IRC and games work perfectly even among the technically uninformed majority.
No, they don't. Most ISPs filter block 25 in both directions, and many block IRC since it's used for botnet coordination. Have you tried it (on an ISP that is commonly used by the technically uninformed majority)?
Tunnelling over HTTP or better yet HTTPS is becoming quite common because it's the only thing guaranteed to work. "... for various reasons, different application layer protocols are increasingly being carried over TLS using a small set of TCP port numbers, most often port 443."
It's also generally the case that few people play large-bandwidth games on public networks at e.g. cafes, whereas a social networking protocol is useful if it's accessible from those sorts of restricted environments. In particular, a cryptographically-interesting social networking protocol is also quite useful from repressive countries with incompetent national ISPs.
Posted Sep 22, 2012 10:15 UTC (Sat) by job (guest, #670)
Considering that 100% of the population use a computer, and many have more than one Internet connection, I would say that empirical data speaks against that. Mail just works for almost everyone. While it is true that you have to enter more settings in your mail software than should be strictly necessary, because of things like SMTP filtering, that is a solved problem.
As long as your protocol survives being NAT'd you're probably fine on today's networks. Because I hope you are not considering the use case that people start putting up Tent servers inside their office networks.
In fact, overloading port 80 will cause more problems than it will solve for home users. They will not find it at all straightforward to run both a web server and a Tent server from the home connection, for example.
Tent v0.1 released
Posted Sep 22, 2012 13:03 UTC (Sat) by tao (subscriber, #17563)
"Mail just works for almost everyone." doesn't mean that there isn't heavy filtering in place though.
A lot of people use web based e-mail (gmail, hotmail, etc.). I'd wager most others either use pop or imap from their providers; very few -- if any -- "normal" users have their own web servers. Very few "normal" users use IRC.
Besides, even if your home operator would allow all types of traffic, you cannot rely on that everywhere. Ever tried ssh:ing from the free wifi most cafés offer these days? Or the pay for use wifi you can find at most airports?
Tent v0.1 released
Posted Sep 23, 2012 5:38 UTC (Sun) by butlerm (subscriber, #13312)
Many if not most ISPs block inbound HTTP to those without static IP addresses. It won't make a difference to the vast majority of users who do not run their own servers, but to those that do, it is hard to see how choosing inbound HTTP over practically any other (UDP or TCP based) server protocol is likely to make any difference on the filtering front.
If you want to operate a "server" without the cooperation of your local ISP or firewall administrator, about your only option is to establish a long lived outbound connection to some sort of proxy server, or worse. I take it that is not what is going on here - requiring a proxy server would defeat the purpose, and requiring outbound connections to every server that might want to communicate with you doesn't scale.
Tent v0.1 released
Posted Sep 22, 2012 16:30 UTC (Sat) by smoogen (subscriber, #97)
> Mail just works for almost everyone. While it is true that you have to enter more settings in your mail software than should be strictly necessary, because of things like SMTP filtering, that is a solved problem.
----
You do realize that a) a large majority of those email users use email over HTTP in some form or another.. (either via google, hotmail, yahoomail) or the fact that various mail clients send their mail over HTTP in ugly ways to get around such firewalls?
And the games are run via various proxy daemons in firewalls that basically use HTTP.
Your arguments are 13+ years too late :/. You can join me on the front porch and yell at the kids to get off the lawn.. but that is about it. The problem is that HTTP turned out to be a nicely documented protocol that had lots of stuff written around it. It sure beats the people who would use the LPD printing or the SMTP email protocol for everything beforehand. Before that the majority of programmers used UUCP as their basis. I say this from dealing with various network programs written in the 1980s and looking at why they weren't working in the 2000s due to firewalls and such. Most of them didn't have a custom protocol but were using one of those three as their basis.. mainly because they were there, they had been written and the programmer didn't have to deal with too much bikeshedding over what new command was needed to fulfil some esoteric task.
HTTP a nicely documented protocol?
Posted Sep 23, 2012 7:13 UTC (Sun) by oldtomas (guest, #72579)
Glad you mentioned SMTP:
"It sure beats the people who would use the LPD printing or the SMTP email protocol for everything beforehand"
You do realize that HTTP basically *is* SMTP: command line (just "GET" vs. "MAIL FROM", capitals included), CRLF separated headers, blank (CRLF line) then body? They just forgot the last line with a single dot (and are a bit more forgiving about what goes in the body, an attitude which turned around and has bitten us in the ass ever since (go read about "Content-Length" in the relevant RFCs if you don't know what I mean)).
Of course, a multitude of contraptions have been bolted-on afterwards, some which look like wings, others like corkscrews. Flow control. A streaming (100 CONTINUE et al) protocol tacked upon a packet protocol (the original HTTP/1.0, akin to SMTP) with a rudimentary flow control, running over a much more sophisticated streaming protocol (TCP). No. If HTTP looks nice to you it's because you didn't look too much into it.
Actually it's chewing gum and baling wire.
On a more general (and more on-topic) note: don't read in that a negative attitude towards Tent itself: I think it's a nifty idea, worth to take off -- I seriously hope it does (and having looked at their Git repo, the one thing I most wish would be a plain language description of the protocol they envision, rather than a fuzzball of Ruby and PostgreSQL. But I just might be blind -- or that may be in the making).
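As an added example that is not part of the original comment or of Tent's code: the two framings compared above share the "lines, blank line, body" shape but mark the end of the body differently, and a strict HTTP reader has to refuse a `Content-Length` it cannot trust. The function names and sample messages are constructed for this illustration, and `Transfer-Encoding` is deliberately rejected rather than implemented.

```python
# Added illustration. Function names and sample messages are constructed for this example.
CRLF = b"\r\n"

class FramingError(ValueError):
    """The end of the message cannot be determined unambiguously."""

def split_head(raw):
    # Shape shared by both protocols: CRLF-separated lines, a blank line, then the body.
    head, sep, rest = raw.partition(CRLF + CRLF)
    if not sep:
        raise FramingError("no blank line ending the headers")
    return head.split(CRLF), rest

def parse_headers(lines):
    headers = []
    for line in lines:
        name, colon, value = line.partition(b":")
        if not colon or not name or name != name.strip():
            raise FramingError("malformed header line")
        headers.append((name.lower(), value.strip()))
    return headers

def http_message(raw):
    # HTTP/1.1: the body ends where Content-Length says, so that header must be unambiguous.
    lines, rest = split_head(raw)
    headers = parse_headers(lines[1:])
    if any(name == b"transfer-encoding" for name, _ in headers):
        raise FramingError("Transfer-Encoding is outside the scope of this example")
    lengths = {value for name, value in headers if name == b"content-length"}
    if len(lengths) > 1 or any(not v.isdigit() for v in lengths):
        raise FramingError("conflicting or malformed Content-Length")
    n = int(lengths.pop()) if lengths else 0
    if len(rest) < n:
        raise FramingError("body shorter than Content-Length")
    return lines[0], rest[:n], rest[n:]  # start line, body, start of the next message

def smtp_data(raw):
    # SMTP DATA: the body ends at a line holding a single dot; leading dots are stuffed.
    payload, sep, rest = raw.partition(CRLF + b"." + CRLF)
    if not sep:
        raise FramingError("missing end-of-data line")
    lines, body = split_head(payload + CRLF)
    parse_headers(lines)
    unstuffed = [l[1:] if l.startswith(b".") else l for l in body.split(CRLF)]
    return CRLF.join(unstuffed), rest

HTTP_SAMPLE = (b"POST /posts HTTP/1.1\r\nHost: example.org\r\nContent-Length: 5\r\n\r\n"
               b"helloGET / HTTP/1.1\r\n\r\n")
HTTP_CONFLICT = b"POST / HTTP/1.1\r\nContent-Length: 5\r\nContent-Length: 0\r\n\r\nhello"
SMTP_SAMPLE = b"Subject: hi\r\n\r\nline one\r\n..leading dot\r\n.\r\nQUIT\r\n"
```

With `HTTP_CONFLICT`, a reader that trusted the first `Content-Length` and one that trusted the last would disagree about where the next message starts, which is why the example raises instead of picking one.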
Tent v0.1 released
Posted Sep 22, 2012 17:42 UTC (Sat) by geofft (subscriber, #59789)
Have you completely forgotten about webmail? Most users access their email client over HTTP. Port 25 works from one mail server to another (of course), but generally not between home users and their mail servers.
Port 80 inbound to home users also tends not to work.
Tent v0.1 released
Posted Sep 23, 2012 20:39 UTC (Sun) by drag (subscriber, #31333)
The only people that I know that use email clients on their computers are Linux geeks and employees that are required to use Outlook. Even the majority of the hardcore folks that I know who once managed their own email servers for personal uses have long since abandoned them for Gmail.
Email is a huge pile of shit on many levels and while everybody still uses it nobody wants to deal with it.
Maybe if it tied itself into DNSSEC and made it so people actually could trust the originator of the email to be who they claim to be it may move back into the 'things that don't totally suck' category of software, but I am pretty sure it is just too far gone at this point.
Even professionally managed webmail is getting more and more useless. Which is one of the reasons we see the rise of 'social networking'.
Tent v0.1 released
Posted Sep 29, 2012 10:29 UTC (Sat) by Jandar (subscriber, #85683)
> No, they don't. Most ISPs filter block 25 in both directions, and many block IRC since it's used for botnet coordination. Have you tried it (on an ISP that is commonly used by the technically uninformed majority)?
I'm using the biggest ISP in my country, obviously the commonly used one by the technically uninformed majority. Of course it doesn't filter any ports, doing so would create very bad PR and loss of many customers. Are there really major ISPs filtering? How can such customer-screwing ISPs remain in business outside of a niche-market?
Tent v0.1 released
Posted Sep 29, 2012 10:38 UTC (Sat) by nix (subscriber, #2304)
Filtering is, alas, almost ubiquitous in the UK: you have to go to specialist ISPs to find ones that let you get unfiltered access, and even *they* egress-filter port 25 because if they didn't, worm-infested Windows boxes would lead to their entire netblock being blacklisted.
My sister's using an ISP that explicitly egress-filters and bans everything other than HTTP and SSL in its almost-impossible-to-find terms of service (email? use webmail), and transparent-proxies the HTTP and HTTPS over some sort of carrier-grade NAT horror that drops all connections after half a minute or so on the assumption that a web browser will immediately re-initiate it and no other application matters. She's happy with it, but when I go there there's no way I can ride an SSH connection over a TCP link that unreliable, not even with proxytunnel.
(I'll admit I'm wondering about some sort of interstitial thing that would make an intermittent TCP connection appear like a constant one, re-establishing where necessary, making this sort of thing work again. Unfortunately the client end would almost certainly have to work on Windows because most systems I encounter when travelling run Windows, and that is beyond my sphere of expertise.)