Subj : Directly include binary data in messages
To : James Coyle
From : Alexey Vissarionov
Date : Fri Feb 25 2022 11:22 am
Good ${greeting_time}, James!
25 Feb 2022 01:10:58, you wrote to me:
AV>> JC> Synchronet and Mystic support direct BINKP over SSL natively
Your software fails to quote the text correctly. For example, this word:
AV>> which
^^^^^
wasn't written by me.
When quoting, the correctly written software should add one '>' character to _the_ _tail_ of existing quote prefix, so /^ XY>>/ should become /^ XY>>>/
AV>> It's the most stupid thing that could be done.
AV>> The SSL was good 15...20 years ago, but now it doesn't conform to
AV>> modern
JC> Okay so tell me what is better than TLS 1.3 then
SSH is a really good example.
JC> since you seem to think you know more about security than the entire
JC> security industry.
I'm _in_ that industry.
JC> Every enterprise on the planet uses an iteration of secure socket
JC> layer most commonly TLS 1.2 in 2022.
Here you said "enterprise"... Most of them have no other option than HTTPS.
AV>> JC> Of course SSL doesn't stop routed netmail from being read by a
AV>> SysOp
AV>> JC> in the middle though, so in this case Mystic does AES-256
AV>> encrypted
AV>>
AV>> Using the artifically weakened cryptography is a very, very unwise
AV>> idea.
JC> If the widespread enterprise-level adoption of AES-256 is inferior
JC> and very very unwise for two-way encryption, then please let us (and
JC> the rest of the security world) know what should be used instead?
For the standard: second finalist and the real winner - Twofish.
For the practical purposes: Twofish, Threefish or Grasshopper.
That's about the symmetric ciphers. Also there are hash functions much more efficient and stronger than SHA family (Skein, Streebog). And finally, the public-key algorithms I can recommend are the old good RSA (with at least 8192-bit keys, of course) and the elegant ED25519 (based on Edwards curve).
JC> How will be ever protect our highly classified FidoNet netmail with
JC> the never-been-compromised AES-256? lolol
AES is the standard (what a shame... american standard is based on a foreign development) prescribing the use of Rijndael algorithm.
Also, what mode do you prefer for it? CBC, CFB, CTR, ECB, GCM, XTS, or?
JC> Assuming there is no future flaw discovered in the algorithm, it
JC> would take every single computer on the planet thousands of years to
JC> brute force a single AES key.
You mean the 20-years-old SP-net with fixed non-random S-blocks? I have some really bad forecast for you...
JC> I don't think you could have possibly missed the mark any more than
JC> you did with this post lol.
"�� �㯮��..."
--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii
