Subj : Secure BBSing
To   : All
From : NuSkooler
Date : Sun Nov 05 2017 09:14:18

I'd like some input on ideas for securing BBSing. Some things I've implemented / want to implement in ENiGMA 1/2 around this area:

* (Have) SSH and Secure WebSockets (wss://) support. Plain text (Telnet) across the internet is simply a bad idea.
* (Have) Strong PBKDF2 password hashing. No one should know or be able to know your password.
* (Have) ACS flags around secure state. If you're not secure, you can't access file/message/whatever features.
* (ToDo) Public key login. Securely upload a public key and switch your account to requiring public key vs password for SSH.
* (ToDo) Secure-lock account. Allow a user to set their account to secure only. Logins will no longer be allowed if non-secure.
* (Have) HTTPS (TLS) downloads.
* (ToDo) HTTPS (TLS) uploads. SFTP may be an option here (inc d/l of course).

Bigger future work I'd like to do: Fully E2E encrypted messaging network. This would only be available to users with previously mentioned secure ACS (else a 3rd party may be going non-secure).

....thoughts, comments, ideas, rants?

--- ENiGMA 1/2 v0.0.8-alpha (linux; x64; 6.11.3)
 * Origin: Xibalba -+- xibalba.l33t.codes:44510 (700:100/9)
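
An added example, not part of the original post and not ENiGMA 1/2 code: a sketch of how the PBKDF2 hashing, the secure-lock account setting and the secure-state ACS gate from the list above fit together at login. All function names, field names, the transport labels and the KDF parameters are assumptions made for illustration.

```javascript
// Added example; every name here is hypothetical and none of it is ENiGMA 1/2 code.
const crypto = require('crypto');

const SECURE_TRANSPORTS = new Set(['ssh', 'wss']);  // encrypted transports from the post
const KDF = { iterations: 600000, keyLen: 32, digest: 'sha256' };  // assumed parameters

// Store only a per-user random salt and the derived key, never the password.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const dk = crypto.pbkdf2Sync(password, salt, KDF.iterations, KDF.keyLen, KDF.digest);
  return { salt: salt.toString('hex'), dk: dk.toString('hex') };
}

function verifyPassword(password, stored) {
  const expected = Buffer.from(stored.dk, 'hex');
  const actual = crypto.pbkdf2Sync(password, Buffer.from(stored.salt, 'hex'),
    KDF.iterations, expected.length, KDF.digest);
  return crypto.timingSafeEqual(actual, expected);  // constant-time comparison
}

// Secure-lock: a secure-only account is refused on plain text before the
// password is even checked, so telnet gives no signal about its validity.
function login(user, password, transport) {
  const secure = SECURE_TRANSPORTS.has(transport);
  if (user.secureOnly && !secure) return { ok: false, reason: 'secure-only account' };
  if (!verifyPassword(password, user.password)) return { ok: false, reason: 'bad password' };
  return { ok: true, session: { user: user.name, secure } };
}

// ACS-style gate: areas flagged requireSecure are closed to plain-text sessions.
function canAccess(session, area) {
  return !area.requireSecure || session.secure;
}

// Constructed sample data.
function demo() {
  const password = hashPassword('constructed-passphrase');
  const locked = { name: 'alice', secureOnly: true, password };
  const open = { name: 'bob', secureOnly: false, password };
  const telnetSession = login(open, 'constructed-passphrase', 'telnet').session;
  return {
    lockedTelnet: login(locked, 'constructed-passphrase', 'telnet'),
    lockedSsh: login(locked, 'constructed-passphrase', 'ssh'),
    telnetFiles: canAccess(telnetSession, { name: 'files', requireSecure: true }),
  };
}

console.log(demo());
```

An account without the secure-only setting can still log in over Telnet here, but the resulting session is marked non-secure and the ACS gate keeps it out of any area flagged as requiring a secure connection.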