Hello Michiel,
TK>> Why not? :)
MV> I can think of several reasons:
MV> 1) Don't fix it if it ain't broke. I am not convinced yet that binkd's
MV> security is broke and needs fixing.
I don't think binkd or the binkp protocol are broken and need fixing.
MV> I am not convinced that TLS offers better protection against snooping
MV> than what binkd already has. Half of TLS is providing authoritative
MV> identity to the server. I don't see any value for that in Fidonet.
MV> TTBOMK there has been no case of someone successfully setting up a
MV> rogue node and masquerading as someone else. If only because there is
MV> no business model..
This has happened in the past. nobogus comes to mind.
TLS certainly offers better security. No question.
MV> 2) It violates the KISS principle. I see little or no added value in
MV> adding TLS to Binkd. In the case of Binkd it just makes things more
MV> complicated and prone to misconfiguration and other mishaps.
It does require some setup. Synchronet's BinkIT mailer currently has support
for a binkps listener setup like this in Synchronet's services.ini:
[BINKPS]
Port=24553
Command=binkit.js
Options=TLS
That's it for a binkps listener. To poll a node over a binkps capable link add
"BinkpTLS=true" in that node's section of sbbsecho.ini along with the
appropriate port.
The above seems pretty simple to me. I'm hopeful that we can also do this just
as simply with binkd but we'd need some help and input from the binkd
developers.
This was all done without changing binkp. We have simply put binkp on a secure
channel.
MV> 3) If it were integrated in Binkd it would be one thing, but I looked
MV> at stunnel for Windows and it exists. But it does not look all that
MV> easy to implement. There is lots of room for typos and other errors.
Yes, that is what we need. Perhaps binkd could also listen on port 24553 (or
whatever port you choose) for binkps (binkp over TLS) and an easy way to poll
binkps capable nodes, something along the lines of BinkpTLS=true.
MV> 4) The stunnel method does not scale well. It has the same problem as
MV> running an old IPv4 only application via a 6to4 proxy. Incoming is
MV> easy, outgoing requires a dedicated setting for each destination. Does
MV> not scale well beyond 10 destinations or so.
I have not been able to figure this out but I see some nodes do this
successfully with binkd. The binkd developers may have a better way.
MV> 5) A weakness of TLS is that it depends on a third party: the
MV> Certificate Authority. I don't like to be dependent on a third party.
MV> Fidonet was designed as a peer to peer network.
I currently use a self signed certificate. I could also get a certificate from
letsencrypt or elsewhere if that would be better.
Do folks still use PGP? Something like that is also possible although we are
stepping away from simplicity again.
MV> 6) I suspect the main reason for the existence of certificates is that
MV> it is a business model for those issuing the certificates.
I do have a certificate from letsencrypt that I use for my domain. It hasn't
cost me any extra $$$ to date.
Ttyl :-),
Al
--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)
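As an added illustration of the stunnel approach Michiel raises in point 4 (one incoming section is enough, but outgoing polls need a section per destination) and of the self-signed-certificate question in point 5, here is an example stunnel.conf written for this page. It is not Al's, Michiel's or the binkd project's configuration. The hostnames, file paths and the local forwarding ports 24601/24602 are assumptions; 24554 is the standard binkp port and 24553 is the binkps port used in the message above.

```ini
; ---- Incoming (server side): a single section ----
; stunnel terminates TLS on 24553 and hands the plaintext binkp session
; to the local binkd listening on the standard binkp port 24554.
; The certificate file is assumed to hold this node's own (self-signed)
; certificate and private key.
[binkps-in]
accept  = 24553
connect = 127.0.0.1:24554
cert    = /etc/stunnel/mynode.pem

; ---- Outgoing (client side): one section PER destination ----
; binkd is pointed at 127.0.0.1 and the local port of the matching
; section instead of at the remote node; stunnel opens the TLS
; connection outward. verifyPeer/CAfile pin the remote node's own
; self-signed certificate, so no Certificate Authority is involved:
; the pinned file is simply a copy of the peer's certificate.
[poll-node-a]
client  = yes
accept  = 127.0.0.1:24601
connect = node-a.example.net:24553
verifyPeer = yes
CAfile  = /etc/stunnel/node-a.pem

[poll-node-b]
client  = yes
accept  = 127.0.0.1:24602
connect = node-b.example.net:24553
verifyPeer = yes
CAfile  = /etc/stunnel/node-b.pem
```

Two things to check when running binkd behind stunnel like this: every session, incoming or outgoing, reaches binkd from 127.0.0.1, so any address-based checks binkd performs see the loopback address rather than the peer; and without verifyPeer (or verifyChain with a CA) on the client sections, stunnel encrypts the link but does not verify who is on the other end, which is the "snooping versus identity" distinction Michiel draws in point 1.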