Just a sample of the Echomail archive
Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.
BINKD | Support for the Internet BinKD mailer | 8,958 messages
Message 6,532 of 8,958
Michiel van der Vlist to Alan Ianson
Binkd and TLS
21 Dec 19 12:34:39
TID: FMail-W32 2.1.3.7-B20170919
RFC-X-No-Archive: Yes
TZUTC: 0100
CHRS: CP850 2
MSGID: 2:280/5555 5dfe0c99
REPLY: 1:153/757 5df95e96

Hello Alan,

On Tuesday December 17 2019 14:32, you wrote to me:

 MV>> "Secure" is meaningless without specifying against WHAT. What
 MV>> threats are we securing against?

 AI> Any and all.

That is not a realistic goal. One can not effectively defend if one has no
idea about who or what is the threat.

 AI> I believe that TLS is an open standard, largely accepted as a secure
 AI> mechanism for internet transport today.

That does not mean it is good or not good for the specific needs of Fidonet.

 MV>> That does not make it better for use in Fidonet. Fidonet is not
 MV>> the InterNet, it just makes use of it.

 AI> There are very few dial-up nodes today. The vast majority of traffic
 AI> today is carried over the internet. That is unavoidable unless we go
 AI> back to dial-up and I don't think that is going to happen.

Sure POTS is on the way out. Fidonet uses the Internet as the main means of
transport. So?

 AI>>> and I would like to be secure.

 MV>> You keep saying that,

 AI> Yes, it is nothing more than that.

Secure without knowledge of the threat is no security.

 MV>> In order to move forward, one first has to know which direction
 MV>> matches "forward".

 AI> The TLS option is a very secure one.

There is no such thing as universal security. I have reason to trust the
electronic key that protects my car against theft. It does not protect against
a thief breaking into my house to steal the key. It also does not protect
against a thief with a tow truck.

 AI>>> Maybe I said that wrong. How about this. Binkd's CRYPT option is
 AI>>> weak (by today's standards).

 MV>> In what way is it weak? Has it been cracked?

 AI> Yes, many years ago.

In the context of Fidonet or in the context of PkZip?

 AI>>> Maybe we should think about using something more up to date,
 AI>>> like TLS.

 MV>> "More up to date" is not better by definition. With governments
 MV>> that keep pushing for backdoors in encryption, "something more up
 MV>> to date" may actually be a step back.

 AI> TLS has been developed in the open so no backdoors there.

1) Open source is no absolute guarantee against backdoors or other weaknesses.

2) The weakness need not be in the protocol itself, it could be in the way
that it is used. The weakness in my car key is how well I guard the key. If
the key falls in the wrong hands, it is useless for protection. TLS depends on
the integrity of the authority signing the certificates. If the authority is
compromised, so are the certificates and the security of TLS. This has already
happened with the Diginotar CA.

The main threat in Fidonet has been a malicious sysop masquerading as a trusted
party to gain access to the secure inbound. A properly configured Fidonet
system has the secure inbound protected by a session password. Session
passwords ended the mail bomb. Binkp does not exchange the passwords in clear
text. Plus that there are packet passwords. TTBOMK this mechanism has been
effective in protecting the secure inbound.

Please note that the normal implementation of TLS (certificate for the server
only) does not protect against the main threat of Fidonet: someone
masquerading as a trusted party to gain access to the secure inbound.

Nr 2 on the list of threats in Fidonet is snooping on routed netmail. TLS does
not protect against that either. You need end to end encryption on the message
level for that.

So what does TLS in Fidonet protect against? Someone snooping on the stream? I
say there is no protection against a sufficiently motivated agency with
"infinite" resources. Such as a government. And for the rest it does not
matter. There is no financial gain to be expected by snooping on Fidonet. For
99% it is an exercise in futility anyway. 99% of the traffic in Fidonet is
echomail.

Sorry, I see TLS in Fidonet as shooting at a mosquito with a cannon.


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
 * Origin: http://www.vlist.eu (2:280/5555)
SEEN-BY: 1/123 90/1 103/705 154/10 203/0 221/0 6 227/114 229/101 200
SEEN-BY: 229/354 426 1014 240/5832 249/307 317 280/464 5003 5555 292/854
SEEN-BY: 310/31 342/200 396/45 423/120 712/848 770/1 2452/250 5019/40
SEEN-BY: 5020/1042 5053/58
PATH: 280/5555 464 229/426
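
The session-password check the message refers to ("Binkp does not exchange the passwords in clear text"), as an added example that is not part of the original message and is not binkd's own code. It assumes the CRAM-MD5 challenge-response described in FTS-1027 (HMAC-MD5 keyed with the session password); the function names, password and second challenge are constructed for illustration.

```python
import hashlib
import hmac

PREFIX = "CRAM-MD5-"

def server_opt(challenge: bytes) -> str:
    """Answering side: advertise the challenge as an M_NUL OPT argument."""
    return "OPT " + PREFIX + challenge.hex()

def client_pwd(password: str, opt: str) -> str:
    """Calling side: build the M_PWD argument from the advertised challenge."""
    for token in opt.split():
        if token.startswith(PREFIX):
            challenge = bytes.fromhex(token[len(PREFIX):])
            digest = hmac.new(password.encode(), challenge, hashlib.md5)
            return PREFIX + digest.hexdigest()
    raise ValueError("peer offered no CRAM-MD5 challenge")

def server_accepts(password: str, challenge: bytes, pwd_arg: str) -> bool:
    """Answering side: recompute the digest and compare in constant time."""
    if not pwd_arg.startswith(PREFIX):
        return False  # this sketch refuses a plain-text password
    expected = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    received = pwd_arg[len(PREFIX):].lower()
    return hmac.compare_digest(expected.encode(), received.encode())

# Constructed sample values, not taken from any real link.
SESSION_PASSWORD = "example-session-pw"
CHALLENGE_1 = bytes.fromhex("f0315b074d728d483d6887d0182fc328")
CHALLENGE_2 = bytes.fromhex("00112233445566778899aabbccddeeff")

def demo() -> dict:
    opt = server_opt(CHALLENGE_1)
    good = client_pwd(SESSION_PASSWORD, opt)
    forged = client_pwd("guessed-password", opt)
    return {
        "trusted_link": server_accepts(SESSION_PASSWORD, CHALLENGE_1, good),
        "masquerading_node": server_accepts(SESSION_PASSWORD, CHALLENGE_1, forged),
        # A response captured from one session fails against the next challenge.
        "replayed_response": server_accepts(SESSION_PASSWORD, CHALLENGE_2, good),
        # Neither frame carries the password itself.
        "password_on_wire": SESSION_PASSWORD in opt + good,
    }

if __name__ == "__main__":
    print(demo())
```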
(c) 1994, bbs@darkrealms.ca