Subj : Binkd and TLS
To : Alan Ianson
From : Michiel van der Vlist
Date : Sun Dec 15 2019 11:45 am

Hello Alan,

On Sunday December 15 2019 02:15, you wrote to me:

 MV>> I can understand why one would use https instead of http when
 MV>> dealing with sensitive information such as bank account numbers
 MV>> etc. But for Fidonet? What are you trying to hide/protect from
 MV>> whom?

 AI> I have nothing to hide. I would just prefer to be secure than
 AI> unsecure.

Just watch out for a false sense of security.

 MV>> TLS does not hide the meta data such as what IP communicates with
 MV>> what other IP. Binkd already has encryption on the pkt content
 MV>> level.

 AI> I don't want or need to hide the fact I am on and using the internet.
 AI> I would like passwords to be hidden from anyone who might be snooping
 AI> my traffic.

Binkd already has secure verification of the session password. Other
passwords are automatically secured by binkd's own encryption. An extra TLS
layer adds nothing to that.

 MV>> Plus that 99% of Fidonet is echomail and encrypting echomail makes
 MV>> little or no sense. For routed netmail, using encryption on the
 MV>> transport level does not protect against snooping by sysops en
 MV>> route.

 AI> Mystic's implementation of all this includes netmail optionally. When
 AI> Mystic nodes use an encryption key between nodes netmail between them
 AI> is encrypted. If it is stored, it is stored in an encrypted state.

For end to end message encryption and authorisation we have PGP. Served me
well for three centuries.

 AI> I know this because I had a typo in my encryption key at one time and
 AI> could not read my own netmail.. :)

That shows that one can overdo it. I see no advantage in storing my netmail
in encrypted form. It just makes things difficult for me. To read my stored
netmail one needs physical access to my system. I don't have locks on my
bathroom either. Just a warning that it is in use. Anything more just makes
life more difficult for myself.

 MV>> So other than the pure sensation of a technical challenge, why?

 AI> It's not sensational. It is just security. Security must be important
 AI> at some level or there would not be a crypt option at all.

Of course it is important at some level. But one can overdo it and then it
gets in the way of comfort. I protect the codes for internet banking and use
a secure link for it. But I am not going out of my way to protect my toilet
against unauthorised use. That just makes life difficult for me in case of ..
well guess what.. ;-)

 AI> I think TLS is just the way it is done today.

Hmmm... I have my doubts. Have you heard about the Diginotar debacle?
Diginotar was a Dutch CA. It was hacked and all the certificates were
compromised. Other CAs have had problems with security too.

As I said, I consider it a technical challenge. When I find a way to get it
working with Windows, I may give it a try. But I won't feel any safer than I
already am with binkd's own security.

Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
 * Origin: http://www.vlist.eu (2:280/5555)