= Сообщение: 6167 из 7128 ====================================== FTSC_PUBLIC = От : Alexey Vissarionov 2:5020/545 25 Feb 22 06:42:42 Кому : James Coyle 25 Feb 22 06:42:42 Тема : Directly include binary data in messages FGHI : area://FTSC_PUBLIC?msgid=2:5020/545+621858b7 На : area://FTSC_PUBLIC?msgid=1:129/215+d488b614 = Кодировка сообщения определена как: CP866 ================================== Ответ: area://FTSC_PUBLIC?msgid=1:129/215+010a4619 ============================================================================== Good ${greeting_time}, James!
24 Feb 2022 12:01:32, you wrote to Tim Schattkowsky:
JC> Synchronet and Mystic support direct BINKP over SSL natively which JC> is a good start to securing transmission.
It's the most stupid thing that could be done.
The SSL was good 15...20 years ago, but now it doesn't conform to modern requirements. Also, it is almost useless in a peer-to-peer environment.
JC> Of course SSL doesn't stop routed netmail from being read by a SysOp JC> in the middle though, so in this case Mystic does AES-256 encrypted
Rijndael? Bwa-ha-ha-ha...
Using the artifically weakened cryptography is a very, very unwise idea.
JC> netmail if its setup with an encryption key for the address being JC> netmailed.
If you want to secure the messages, use GPG: although it also has similar problems with cryptographic strength, the bundle of RSA-4096, SHA2-256 and Twofish-256 still may be considered safe enough.
For securing the communications (binkd does that for years, and only my resignment from FTSC had stopped promoting that to a standard) some other techniques had been invented and implemented. And the most funny thing is implementing your "binkp+SSL" setup with binkd would require just a small editing of the config file.
-- Alexey V. Vissarionov aka Gremlin from Kremlin gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii
