Shane Hathaway wrote: > But you don't need reliability compensation to multiplex. SSH assumes > the transport layer is reliable. So an SSH tunnel and an SSL tunnel are > virtually synonymous.
They're not really, but yeah, I was wrong :) A SSL forwarder takes a packet, and then sends over another TCP connection that happens to be encrypted. It's basically a TCP port forwarder. Multiple client connections through the local SSL forwarder (e.g. stunnel) will run over *multiple* outgoing streams: client --> stunnel on localhost ---> stunnel on www.foo.com ----> server on www.foo.com SSH OTOH uses a multiplexing protocol, where multiple streams of data run over the same connection, and each have their own flow control. Multiple client connections over a SSH port forwarder will run over the same *single* stream. A third thing is TCP over TCP, i.e. PPP over SSH or SSL, which functions as a full network connection. > The Python standard library has good support for an SSL client but not > for an SSL server. pyOpenSSL is good for both servers and clients. Could be better, but it's easy to start using it, especially for select() based servers (its thread-safety is iffy). Twisted's SSL stuff uses it, and latest version of pyOpenSSL may have asyncore example. _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )