Subj : RE: Secure binkp
To   : Al
From : Alterego
Date : Mon Nov 25 2019 11:26 am

 Re: RE: Secure binkp
 By: Al to Oli on Sun Nov 24 2019 02:25 pm

Al> Sounds like Alexey is thinking on a new protocol. Maybe we'll end up with
Al> a binkd mailer that supports binkp as it is and another protocol for
Al> secure binkp, possibly binkps.

This makes sense to me - it should be binkps. It probably would need a new
nodelist flag and parseing, since IBN is for binkp.

Al> He made it sound like TLS was not a solution, and insecure?

From what I understand (and I havent thought this through, nor am I an expert
in this area) - but if you connect on a non secure channel and the server says
"lets go encrypted" and the client says "not today", then you are no more
secure.

Further, if the client does say "going secure: code is ABC", that code is sent
in the clear, so anybody can see the code on the wire and use the code. I think
that's the crux of it?

Thinking it through further the "Code is ABC" needs to be linked to something
external (time?) so that it's not always "ABC" - but the server recalculates
the code that the client sends and comes to the same answer. Maybe TLS cannot
do it this way...

Now I'm rambling... :(
...����

... It would be illogical to assume that all conditions remain stable.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.