= Сообщение: 4969 из 7124 ====================================== FTSC_PUBLIC = От : Alan Ianson 1:153/757 22 Nov 19 15:30:16 Кому : Oli 22 Nov 19 15:30:16 Тема : FTSC FGHI : area://FTSC_PUBLIC?msgid=1:153/757+5dd87075 На : area://FTSC_PUBLIC?msgid=2:280/464.47@fidonet+5dd86046 = Кодировка сообщения определена как: UTF-8 ================================== ============================================================================== Hello Oli,
AI>> Yes, James said that he used this method as a start because we AI>> still need to use the current method when encryption is not AI>> supported at both sides of the link. The idea (when it's AI>> possible) is to move away from opportunitic TLS.
Ol> It sounds like a good idea, but it's not (IMHO). We don't have to Ol> repeat the mistakes that others did 20 years ago. There will always be Ol> many mailers that don't support TLS, which means it never would be Ol> possible to move away from opportunistic encryption (by that logic).
Ol> We can just use another default port for binkps. A _binkps._tcp srv Ol> record can point to the TLS port and a nodelist flag with optional Ol> hostname and port parameters can indicate TLS capability.
Yep, agreed. http uses port 80 and https uses port 443. We'll probably want to do that for the same reasons http and https do that.
AI>>>> Would binkp over TLS (or really, any secure method) be a good AI>>>> thing?
Ol>>> Why wouldn't it? :)
AI>> I can't think of a reason. If we could get something to test we AI>> could discover what works, what doesn't, and in time a standard AI>> method of doing this could be established.
Ol> We could test direct TLS with binkp today :)
We should go ahead and do that if that's the case.
I have questions though and I think we should move this chatter elsewhere.