Subj : Is binkp/d's security model kaputt?
To   : Oli
From : deon
Date : Sun Sep 05 2021 09:59 pm

  Re: Is binkp/d's security model kaputt?
  By: Oli to deon on Sat Sep 04 2021 12:18 pm

 > I would keep the 5D. We are waiting for decades for full 5D support and you want to drop it now, when there is a chance to do it
 > properly?

Yeah, but what value does 5D provide, or what problem does it solve (today)?

 > How do you get from 50 to 37 chars by removing the domains? AFAIK there is also no official length limit of the domain. Some FSC
 > suggest 8 byte, others 64k bytes. Binkd is hard coded to 32 bytes.

The only reference to domain that I could find was FSP-1028 which describes the domain as 8 chars and what those chars can be. The 8 chars can be encoded in 6 bits for each char, or 6 bytes for all 8 chars. In my working of a new packet header, I have 12 chars allocated for the domains, but I'm thinking it could be saved, if 5D wasnt considered.

 > :) What are the remaining 21 chars?

In reality, I think a packet header can be very short possibly shorter that 21 chars/bytes (havent really thought it through in detail). If there is proper authentication of the sender, then a packet from the sender doesnt need to have the senders details in the packet header, nor even a packet password. In fact it may not need the receipients details in the header either - but some other method of identifing whether the receipient will accept and process what the sender is sending - date/packet sequence number, or just a verifiable "signature" etc.

Ultimately the recipient of a packet processes the contents, and decides whether to accept or reject each item in the contents.

 >  d> Yup, there is no reason that the "core" follow the old ways.
 >
 > edge, core, legacy systems ... interesting choice of words for something that doesn't even exist.

I disagree - there was always a "core", and in some respects there still is. "Someobody" assigns you with an address that has a parent. Some othernets operate that way even though "fidonet" (or some systems) try not to. That core represents the subset of systems in a network that offers and a majority of systems collects mail from. It also represents a guarantee of a system to collect mail from, if you dont have other arrangements.

 > What is it good for if we don't even manage to have proper FTN-style paragraphs and quotes?

Well that's not a problem for the "infastructure" to solve, but I agree, it would be nice if it was handled consistently.


....כמון
--- SBBSecho 3.14-Linux
 * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

.