MSGID: 2:5030/1997@fidonet 5eb34264   
   REPLY: 1:153/757 5eb32192   
   CHRS: CP850 2   
   TZUTC: 0300   
   TID: FastEcho 1.46.1 43272   
   Hello Alan!   
      
   On Wed, 06 May 2020 at 13:34 -0700, you wrote to me:   
      
    AI>>> I say it is secure because it is! Arguing that it isn't is just   
    AI>>> plain silly.   
    AF>> No it is not. Thinking that obfuscation equals security is silly.   
    AI> What obfuscation and/or lack of security do you speak of?   
      
   I think I already explained it. If you cannot verify certificate that was used   
   for encryption, there is no security in this encryption, only obfuscation   
   (it's harder to read/modify communication but still possible via MitM attach   
   which will go unnoticed).   
      
    AI>>> We could use some kind of in house certificates in fidonet. We   
    AI>>> would have to build and maintain all that.   
    AF>> There are many options. For example, have centralized certificate   
    AF>> issuer or have pubkeys in nodelist or DNS. The only problem is   
    AF>> that there is no standard to implement.   
    AI> If you want that info in the nodelist then the nodelist standard comes   
    AI> into play. If the nodelist had that info we could look there but that   
    AI> is not the case.   
      
   I didn't say I wanted it there. It was just an option, one of many.   
      
    AI> If my current certificate is not good enough then what would be and   
    AI> why?   
      
   You are using certificate issued by a trusted CA that matches your domain   
   specified in nodelist, which is fine. If there would be a standard for binkps   
   requiring INA to be present and contain a valid domain name, then mailers   
   could verify certificates based on domain names and trusted CA, as web   
   browsers do. But without a standard there is no security. If there will be an   
   IP address in the INA field, how can you verify certificate validity?   
      
      
   ... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net   
   --- GoldED+/W32-MSVC 1.1.5-b20180707   
    * Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)   
   SEEN-BY: 1/123 50/109 90/1 103/705 120/340 601 154/10 203/0 221/0   
   SEEN-BY: 221/6 226/30 227/114 702 229/101 200 426 664 1014 240/2100   
   SEEN-BY: 240/5138 5832 5853 6309 249/109 307 317 280/464 5003 5555   
   SEEN-BY: 288/100 292/854 8125 310/31 320/219 342/200 396/45 423/120   
   SEEN-BY: 451/30 452/166 463/68 467/888 469/122 712/848 770/1 2432/390   
   SEEN-BY: 2452/250 2454/119 5000/111 5001/100 5005/49 5015/255 5019/40   
   SEEN-BY: 5019/42 5020/290 329 715 806 828 846 848 921 1042 1519 2047   
   SEEN-BY: 5020/2140 4441 12000 5022/128 5023/12 24 5030/1081 1900 1997   
   SEEN-BY: 5034/13 5053/54 57 58 5054/8 5057/19 5060/900 5064/56 5075/35   
   SEEN-BY: 5075/128 5080/68 102 5083/444   
   PATH: 5030/1997 5023/24 5020/715 4441 1042 280/5555 464 240/5832   
   PATH: 229/426