Subj : Re: Packet password case insensitive or not?
To   : Rob Swindell
From : Wilfred van Velzen
Date : Wed Apr 22 2020 09:52:47

Hi Rob,

On 2020-04-21 16:12:07, you wrote to me:

 RS> SBBSecho has always treated packet passwords case-INsensitively. It is
 RS> unfortuate that so many of the fido specifications were so badly
 RS> written to begin with and the resulting ambiguities and contradictions
 RS> have never been sufficiently addressed by the FTSC.

There is no ambiguity for packet password case sensitivity. It's just not 
specified, so anything goes...

 RS> Luckily, with password-protected mail sessions the norm these days,
 RS> packet passwords are kind of moot and probably should just be
 RS> deprecated. Doubt that'll happen though.

I don't agree here. Packet passwords provide an extra layer of security. For 
instance without it, anyone can drop a .pkt file in your insecure inbound with 
a falsified source address and echomail in it. If you process .pkt files from 
your inbound automatically, it will get tossed, if there is no packet password 
agreeded upon for the falsified source...

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
 * Origin: FMail development HQ (2:280/464)

.