Subj : Re: Re^8:  Directly include binary data in messages
To   : Tim Schattkowsky
From : James Coyle
Date : Mon Mar 21 2022 03:16 pm

TS> So is there now any BinkP implementation using STARTTLS
TS> and what are the details?
TS>
TS> BTW: RFC8314 suggests already in the introduction that for email,
TS> implicit TLS should be preferred over STARTTLS :)

Yes, there is.  I did a STARTTLS-enabled BINKP a few years ago and it's currently available in Mystic, which you can download here:

http://www.mysticbbs.com/downloads/prealpha/

I have sent the documentation over to Rob for implementation and/or feedback but I didn't want to post it here yet to avoid trolling.  I'd be happy to e-mail it along to you as well if you're interested in supporting it!

TS> BTW: RFC8314 suggests already in the introduction that for email,
TS> implicit TLS should be preferred over STARTTLS :)

Implicit would be great (and Mystic actually implements both implicit and opportunistic TLS v1.2 with BINKP), but the problem with implicit is two-fold:

1) For mass adoption, having a self-upgrading connection is probably the most realistic to be used.  In other words, existing setups wouldn't have to be changed in order to support it.  No additional nodelist flags, etc, would be needed.  It wouldn't break any existing systems while those that support it would simply just work.

2) The IANA has denied officially giving us a port for BINKPS, which means that implicit SSL can never be an official standard unless they were to somehow be persuaded to change their mind.

Mostly due to #2, it seems to me like the best approach for us to move forward would be to adopt Mystic's opportunistic TLS or some variation of it.  Or to support both, ideally?

... That's not a bug, it's an undocumented feature

--- Mystic BBS v1.12 A48 2022/03/14 (Windows/64)
* Origin: Sector 7 * Mystic WHQ (1:129/215)