Subj : Binkd and TLS
To   : Michiel van der Vlist
From : Alexey Fayans
Date : Tue Dec 17 2019 03:31 pm

Hello Michiel!

On Tue, 17 Dec 2019 at 12:19 +0100, you wrote to me:

AF>> Self-signed certificate means no security, unless you publish
AF>> your CA pubkey somewhere and client verifies it.

MV> Even if one publishes the pub key somewhere. It is still like:

MV> I, Michiel van der Vlist - self appointed Certified Authority - hereby
MV> declare that when Michiel van der Vlist claims to be Michiel van der
MV> Vlist, he is telling the truth. For verifications, download my public
MV> key from my website: www.vlist.eu/pubkey.

MV> A self signed certificate is usefull for testing the setup in the lab.
MV> For real use in the big bad world it is useless.

I mean something different. For example, if it would be somehow possible to
store CA pubkey in the nodelist, it could work.

Or we could have a global FIDONET CA. :)


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)