Subj : Binkd and TLS
To   : Michiel van der Vlist
From : Alexey Fayans
Date : Tue Dec 17 2019 03:31 pm

Hello Michiel!

On Tue, 17 Dec 2019 at 12:19 +0100, you wrote to me:

 AF>> Self-signed certificate means no security, unless you publish
 AF>> your CA pubkey somewhere and client verifies it.

 MV> Even if one publishes the pub key somewhere. It is still like:

 MV> I, Michiel van der Vlist - self appointed Certified Authority - hereby
 MV> declare that when Michiel van der Vlist claims to be Michiel van der
 MV> Vlist, he is telling the truth. For verifications, download my public
 MV> key from my website: www.vlist.eu/pubkey.

 MV> A self signed certificate is usefull for testing the setup in the lab.
 MV> For real use in the big bad world it is useless.

I mean something different. For example, if it would be somehow possible to 
store CA pubkey in the nodelist, it could work.

Or we could have a global FIDONET CA. :)


.... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
 * Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

.