Hello Alan,

On Friday December 13 2019 16:21, you wrote to me:

 MV>> It may even have an adverse effect. IMHO for us small fish the
 MV>> best defence against a hostile regime is to stay below the radar.
 MV>> Refrain from being an interesting target, so they don't take that
 MV>> closer look. Using TLS may draw their attention....

 AI> Security by obscurity is not a good way forward.

That depends. But not using TLS is hardly "obscurity" isn't it?

I am still puzzled. I appreciate that binkd over TLS may be an interesting
challenge from the technical POV. As such I may give it a try myself one day if
I figure out how to do it under Windows.

I can understand why one would use https instead of http when dealing with
sensitive information such as bank account numbers etc. But for Fidonet? What
are you trying to hide/protect from whom? TLS does not hide the meta data such
as what IP communicates with what other IP. Binkd already has encryption on the
pkt content level. Plus that 99% of Fidonet is echomail and encryting echomail
makes little or no sense. For routed netmail, using encrytion on the transport
level does not protect against snooping by sysops en route.

So other than the pure sensation of a technical challenge, why?


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303