REPLY: 2:280/5555 5dfe0c99   
   MSGID: 1:153/757 5dfea125   
   CHRS: UTF-8 2   
   TZUTC: -0800   
   TID: hpt/lnx 1.9.0-cur 2019-12-05   
   Hello Michiel,   
      
    MV>>> That does not make it better for use in Fidonet. Fidonet is not   
    MV>>> the InterNet, it just makes use of it.   
      
    AI>> There are very few dial-up nodes today. The vast majority of   
    AI>> traffic today is carried over the internet. That is unavoidable   
    AI>> unless we go back to dial-up and I don't think that is going to   
    AI>> happen.   
      
    MV> Sure POTS is on the way out. Fidonet uses the Internet as the main   
    MV> means of transport. So?   
      
   My comment is simply a comment on your comment.   
      
   Binkd is and always has been a TCP/IP mailer. Fidonet is not the internet but   
   we are listening and talking over the internet.   
      
    AI>> The TLS option is a very secure one.   
      
    MV> There is no such thing as universal security. I have reason to trust   
    MV> the electronic key that protects my car against theft. It does not   
    MV> protect against a thief breaking into my house to steal the key. It   
    MV> also does not protect against a thief with a row truck.   
      
   There are different approaches to security. You just need one that works for   
   you. I also have an onion address that I do/can use over the internet. It is   
   also very secure and fairly simple to impliment. I don't like that solution and   
    I don't think others would either so I am looking for something simple and   
   secure that isn't hard for nodes to implement.   
      
    AI>>>> Maybe I said that wrong. How about this. Binkd's CRYPT option   
    AI>>>> is weak (by todays standards).   
      
    MV>>> In what way is it weak? Has it been cracked?   
      
    AI>> Yes, many years ago.   
      
    MV> In the context of Fidonet or in the context of PkZip?   
      
   That algorithm. The same is true of the algorithm used by rar. The folks behind   
    the rar archiver may has changed the algrithm they use today, I don't know.   
      
    AI>>>> Maybe we should think about using something more up to date,   
    AI>>>> like TLS.   
      
    MV>>> "More up to date" is not better by definition. With governments   
    MV>>> that keep pushing for backdoors in encryption, "someting more up   
    MV>>> to date" may actually be a step back.   
      
   I still think the TLS option would serve us well.   
      
    AI>> TLS has been developed in the open so no backdoors there.   
      
    MV> 1) Open source is no absolute guarantee against backdoors or other   
    MV> weaknesses.   
      
   Open source is free and available to everyone, including the source.   
      
   I think TLS is a good option but it's not the only one. We could come up with a   
    new protocol that does what we want/need it to do. Someone would need to do   
   and maintain that. If someone did that I would support their efforts.   
      
   TLS was designed for this purpose. With TLS already on the table I don't think   
   anyone will do that.   
      
    MV> Sorry, I see TLS in Fidonet as shooting on a musquito with a canon.   
      
   Too much of a good thing?   
      
   I think TLS is a good way forward. It has already been implemented in BinkIT   
   and to some degree in Mystic. If binkd had support for it also these mailer   
   could communicate securely.   
      
    Ttyl :-),   
            Al   
      
   --- GoldED+/LNX 1.1.5-b20180707   
    * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)   
   SEEN-BY: 1/123 57/0 90/1 103/705 153/250 154/10 203/0 220/70 221/0   
   SEEN-BY: 227/114 229/101 200 354 426 1014 240/5832 249/307 317 267/800   
   SEEN-BY: 280/464 5003 5555 292/854 310/31 317/3 342/200 396/45 423/120   
   SEEN-BY: 712/848 770/0 1 100 340 772/0 1 210 500 2452/250   
   PATH: 153/757 250 770/1 280/464 229/426