Subj : RE: Binkd and TLS
To   : Michiel van der Vlist
From : Alan Ianson
Date : Sun Dec 22 2019 13:45:18

 Mv> Is there a documented case of someone successfully gaining
 Mv> unauthorised access to the secure inbound of a Fidenet node by
 Mv> breaking the algoritm and doing any harm that way?

 Mv> Is there a documented case of anyone listening in on the stream by
 Mv> breaking the  algoritm and causing any harm that way?

I have no such documents and I hope I never will. You are not under
threat from me or any fido operator TTBOMK. We all have port 24554 (or
others) open on our computers. I think it would be prudent to simply
lock that door.

 AI> I still think the TLS option would serve us well.

 Mv> I say for Fidonet it is shooting a canon at a musquito.

TLS is a big weapon.

TLS is transport layer security, a  cryptographic protocol designed to
provide communications security over a computer network. The TLS
protocol aims primarily to provide privacy and data integrity between
two or more communicating computer applications.

The above is largely a cut 'n' paste from wikipedia but is sums up my
reasons for suggesting it.

 AI> Too much of a good thing?

 Mv> Too much hassle for the added value.

If you are happy with what you have nothing further is required.

TLS has been developed by many people over many years and continues to
be developed. It is provided by the OS at no cost for use cases like
this. We can simply implement it in binkd if we choose to do so. 

It's possible we could design, implement and maintain our own protocol
for this purpose. I'm not sure if anyone is with us today with the
skills, know how and time to devote to that, but I would support that
option as well.


--- MagickaBBS v0.13alpha (Linux/x86_64)
 * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

.