* Originally in FIDONEWS
* Crossposted in BINKD

Hi Oli,

On 2019-12-14 08:29:58, you wrote to Rob Swindell:

Cool. Next steps are probably to define (or get IANA to assign) an
"official" binkps TCP port number. And then maybe a nodelist flag
should be defined so nodes supporting binkps (instead-of or
in-addition-to binkp) can be automatically identified.

There is much more to do for the standardization. An IANA number is the least important.

But we should agree in fidonet on the default/preferred port to use! So it doesn't have to be specified in the nodelist if you use the default.
(24553 is unassigned by IANA)

Do we really need an official port number? Or is it better to rely on other ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

Not everyone's dns "interface" is able to set this I think.

- Nodelist flag (INBS?)

You mean IBNS: ? Most flags seem to be a 3 letter combination, so maybe use: IBS: ?

- should we allow self-signed certificates? (yes)

With the existence of letsencrypt it's not really necessary. But I think it's up to the individuals. As 'client' you should decide for yourself if you really
want to connect to a server with a selfsigned certificate.

- which TLS version are allowed? (>= TLS v1.3)

I think we should follow common practice on the "wider" internet...

- should the client use alpn?

If necessary. ;)

But I have access to a lot of linux machines, older and newer. But none of the openssl and ncat versions I checked seem to support it...?

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Hello Alan!

On Mon, 16 Dec 2019 at 14:29 -0800, you wrote to me:

No it doesn't. MitM attack can only fool client into thinking
that TLS is not supported. But you can require TLS on a client
side and it will just disconnect, no harm done.

I believe it does.

It's not about believing. You can read on wikipedia for example about MitM and STARTTLS. MitM can fool client into thinking STARTTLS is not supported. Mitigation is requiring encryption on client side. As simple as that.

That's why STARTTLS has been depricated.

It's not deprecated globally. Deprecation is only _proposed_ for SMTP and other
mail protocols and there are reasons for that, but that doesn't mean it is deprecated for everything else.

I don't think the binkd developers are going to bring STARTTLS to the table but we need to hear from them.

Exactly.

Synchronet's implementation is looking good to me. Direct TLS
and is working in my experience.

Still it requires modification to configurations, nodelist
changes and probably DNS changes as well. STARTTLS would
eliminate all of that.

It requires a binkps listener to receive and "BinkpTLS=true" in the
node section of sbbsecho.ini for nodes you want to poll with binkps.

Synhcronet is not the only software out there. And manual configuration is not even an option. Globally, (1) a new nodelist flag is required to indicate support if binkps and its port; (2) binkps must be supported on DNS level as well, i.e. _binkps._tcp SRV records; (3) nodelist parsers must be updated to understand new flag; (4) additional configuration must be introduced in mailers
to support binkps, and for binkd it may be an issue since node records were not
designed for multiple protocols based on different ports.

With STARTTLS none of this is a problem. Additional configuration flag to require TLS connection is easy to implement, nodelist flag is optional and may be used to tell client to require TLS when connecting to supporting node, and additional DNS SRV records are not needed as well.

In fact this doesn't look like a good place to discuss technical
stuff, BINKD seems like a better one.

I have eyes on the area so we can move the discussion there if you
like.

Sure, I'll crosspost it there.

* Originally in FIDONEWS
* Crossposted in BINKD


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

No it doesn't. MitM attack can only fool client into thinking
that TLS is not supported. But you can require TLS on a client
side and it will just disconnect, no harm done.

I believe it does.

It's not about believing. You can read on wikipedia for example about
MitM and STARTTLS. MitM can fool client into thinking STARTTLS is not supported. Mitigation is requiring encryption on client side. As
simple as that.

If you already know that the other side supports encryption and you want to enforce it, you don't need STARTTLS.

I don't think the binkd developers are going to bring STARTTLS to
the table but we need to hear from them.

Exactly.

The had plenty of time. binkp is not only used by binkd. Direct TLS works today
with binkd with some helper software.

Synhcronet is not the only software out there. And manual
configuration is not even an option. Globally, (1) a new nodelist flag
is required to indicate support if binkps and its port;

Now we need to stop introducing new nodelist flags?

(2) binkps must be supported on DNS level as well, i.e. _binkps._tcp
SRV records;

not need if you have a nodelist flag. nodelist flag not needed if there is a _binkps._tcp record.

(3) nodelist parsers must be updated to understand new flag;

Yeah, you should use a nodelist parser that gets updated occasionally.

(4) additional configuration must be introduced in mailers to support binkps, and for binkd it may be an issue since node records were not designed for multiple protocols based on different ports.

So software has to be updated in both cases, especially the mailer. You still can use unencrypted or CRYPTed sessions, if your software doesn't has support for any new encryption scheme.

With STARTTLS none of this is a problem. Additional configuration flag
to require TLS connection is easy to implement, nodelist flag is
optional and may be used to tell client to require TLS when connecting
to supporting node, and additional DNS SRV records are not needed as
well.

Do we have a proposal for binkp STARTTLS that doesn't leak unencrypted meta-data?


* Origin: kakistocracy (2:280/464.47)

Hello Oli!

On Tue, 17 Dec 2019 at 08:33 +0100, you wrote to me:

It's not about believing. You can read on wikipedia for example
about MitM and STARTTLS. MitM can fool client into thinking
STARTTLS is not supported. Mitigation is requiring encryption on
client side. As simple as that.

If you already know that the other side supports encryption and you
want to enforce it, you don't need STARTTLS.

STARTTLS is needed to run TLS on the same port, and I already explained why it is essential to run it on the same port.

I don't think the binkd developers are going to bring STARTTLS
to the table but we need to hear from them.

Exactly.

The had plenty of time. binkp is not only used by binkd. Direct TLS
works today with binkd with some helper software.

This implementation is a proof of concept, but obviously will not be adopted by
most sysops. And what is the point in security when no-one uses it?

Synhcronet is not the only software out there. And manual
configuration is not even an option. Globally, (1) a new nodelist
flag is required to indicate support if binkps and its port;

Now we need to stop introducing new nodelist flags?

I didn't say that.

(2) binkps must be supported on DNS level as well, i.e.
_binkps._tcp SRV records;

not need if you have a nodelist flag. nodelist flag not needed if
there is a _binkps._tcp record.

That is not true. Some mailers do not support nodelists and rely on DNS. For example, binkd.

(3) nodelist parsers must be updated to understand new flag;

Yeah, you should use a nodelist parser that gets updated occasionally.

Sure. But if something can be done without requiring updates to software, it should be done this way. Less requirements means better adoption.

(4) additional configuration must be introduced in mailers to
support binkps, and for binkd it may be an issue since node
records were not designed for multiple protocols based on
different ports.

So software has to be updated in both cases, especially the mailer.

Yes, the difference is how big are the updates and how much software will need to be updated.

You still can use unencrypted or CRYPTed sessions, if your software doesn't has support for any new encryption scheme.

Of course. And I am sure that most sysops will not move to dedicated TLS port because of the complexity. Why designing something that will not be adopted - that is the big question.

With STARTTLS none of this is a problem. Additional configuration
flag to require TLS connection is easy to implement, nodelist
flag is optional and may be used to tell client to require TLS
when connecting to supporting node, and additional DNS SRV
records are not needed as well.

Do we have a proposal for binkp STARTTLS that doesn't leak unencrypted meta-data?

Client can initiate STARTTLS right away. Server can wait for STARTTLS handshake
a few seconds before starting unencrypted session (this will probably introduce
a few seconds delay with older mailers). Just an example. Probably developers can think of a better way.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

It's not about believing.

I'm not going anywhere until I believe, in something. I don't mind having my beliefs proven to be worthless, in fact I appreciate it if they are in fact worthless.

That's why STARTTLS has been depricated.

It's not deprecated globally. Deprecation is only _proposed_ for SMTP
and other mail protocols and there are reasons for that, but that
doesn't mean it is deprecated for everything else.

I have only ever used STARTTLS with smtp. If STARTTLS is proposed to be depricated for smtp I propose we depricate it here too.

Synhcronet is not the only software out there.

No it isn't. It does have a simple to use binkps implementation that other software could use in a similar way.

With STARTTLS none of this is a problem. Additional configuration flag
to require TLS connection is easy to implement, nodelist flag is
optional and may be used to tell client to require TLS when connecting
to supporting node, and additional DNS SRV records are not needed as
well.

I don't think STARTTLS is going to fly. I really have no strong feelings for or
against STARTTLS, I just don't think that is what anyone wants today.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Alan!

On Tue, 17 Dec 2019 at 03:11 -0800, you wrote to me:

I'm not going anywhere until I believe, in something. I don't mind
having my beliefs proven to be worthless, in fact I appreciate it if
they are in fact worthless.

Well, like I suggested earlier, you can read about STARTTLS on wikipedia, where
you will find confirmation of my words and more examples of weakness mitigation, including DNS based (DANE) and MTA-STS (lHSTS for SMTP).

That's why STARTTLS has been depricated.

It's not deprecated globally. Deprecation is only _proposed_ for
SMTP and other mail protocols and there are reasons for that, but
that doesn't mean it is deprecated for everything else.

I have only ever used STARTTLS with smtp. If STARTTLS is proposed to
be depricated for smtp I propose we depricate it here too.

There is absolutely no point in deprecating it. There are pros and cons everywhere. Weak place of STARTTLS is STRIPTLS attack. In FIDONET we have a nodelist to indicate support of TLS by a node, which mitigates this.

With STARTTLS none of this is a problem. Additional configuration
flag to require TLS connection is easy to implement, nodelist
flag is optional and may be used to tell client to require TLS
when connecting to supporting node, and additional DNS SRV
records are not needed as well.

I don't think STARTTLS is going to fly. I really have no strong
feelings for or against STARTTLS, I just don't think that is what
anyone wants today.

I don't see any reasons why not. Any security method can be implemented in a good or a bad way. If method weakness is taken into account when protocol is designed, there is no problem with it. STARTTLS failed for SMTP because it was not implemented in a secure way.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

On 17.12.2019 12:26, Alexey Fayans : Oli wrote:

That is not true. Some mailers do not support nodelists and rely on DNS. For

example, binkd.

Please don't tell that to my BinkD, it *IS* using the nodelist, not DNS.

17:41 [4913] BEGIN, binkd/1.1a-99/Linux -pP 2:5030/1997 /etc/binkd/binkd.cfg - 17:41 [4913] Nodelist /bbs/file/base/nodelist/Z2DAILY.351 parsed, 1023 IP-nodes processed (0 sec)
17:41 [4913] creating a poll for 2:5030/1997@fidonet (`d' flavour)
17:41 [4913] clientmgr started
17:41 [4914] Substituted * to fido.bsrealm.net. for 2:5030/1997@fidonet by nodelist
+ 17:41 [4914] call to 2:5030/1997@fidonet
17:41 [4914] trying fido.bsrealm.net. [2001:470:28:6ee::1]...
17:41 [4914] connected
+ 17:41 [4914] outgoing session with fido.bsrealm.net:24554 [2001:470:28:6ee::1]
- 17:41 [4914] OPT CRAM-MD5-2412bf666c649c7335440feb795988ee
+ 17:41 [4914] Remote requests MD mode
- 17:41 [4914] SYS Music Station
- 17:41 [4914] ZYZ Alexey Fayans
- 17:41 [4914] LOC St.Petersburg, Russia

:)

'Tommi

--- Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360.0)

Hello Tommi!

On Tue, 17 Dec 2019 at 17:42 +0200, you wrote to me:

That is not true. Some mailers do not support nodelists and rely on
DNS. For example, binkd.

Please don't tell that to my BinkD, it *IS* using the nodelist, not
DNS.

Natively it doesn't support nodelist, but there are perl hooks, that's right. Not everyone is using them, though.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

I'm not going anywhere until I believe, in something. I don't
mind having my beliefs proven to be worthless, in fact I
appreciate it if they are in fact worthless.

Well, like I suggested earlier, you can read about STARTTLS on
wikipedia, where you will find confirmation of my words and more
examples of weakness mitigation, including DNS based (DANE) and
MTA-STS (lHSTS for SMTP).

I did read your reasons for using STARTTLS, and I agree with what you have said
about it.

I don't think STARTTLS is what we want today. My thoughts are really unimportant though, that is just what I see generally.

What is important is what the binkd development team thinks about TLS, STARTTLS
or something all together different. That will determine where binkd goes if it goes anywhere at all.

If you have ideas around security in binkd I would send them directly to one of
the binkd developers. Alexey Vissarionov is someone active in Fidonet and is a
binkd deveolper I think. That might be a good place to start.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Alan!

On Tue, 17 Dec 2019 at 15:02 -0800, you wrote to me:

If you have ideas around security in binkd I would send them directly
to one of the binkd developers. Alexey Vissarionov is someone active
in Fidonet and is a binkd deveolper I think. That might be a good
place to start.

I believe Michael Dukelsky (2:5020/1042) is the last active binkd developer.

I've already expressed my ideas, but here's a summary:

1. STARTTLS is the best option because:
1.1. It works on the same port and therefore will be adopted way faster.
1.2. Can work out of the box without additional configuration.
1.3. Requires significantly less software modified.
1.4. Not less secure than TLS on a dedicated port because it is possible to announce TLS support via nodelist.
2. For any kind of TLS something must be decided on certificate authority.
2.1. We can use internet CAs, but this will require additional binding of fidonet address to internet domain, probably, via nodelist. Doesn't look shiny. 2.2. We can have own CA but this makes fidonet more centralized, we will also have to define a secure way of issuing and delivering certificates.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

I believe Michael Dukelsky (2:5020/1042) is the last active binkd developer.

He is next on my list, I didn't realize he was the only developer. I don't yet have enough to reach out and ask him myself. I know I want to be secure but I don't know the best way to go about that. He may very well have better ideas than I do anyway and I am happy enough that we are having this discussion.

I've already expressed my ideas, but here's a summary:

1. STARTTLS is the best option because:

I have read and agree with your reasons for wanting to use STARTTLS. I don't think STARTTLS is what we want today.

In the early going of TLS it was probably the only way forward since there were
many destinations that did not support TLS, that is not the case today. I don't read of anyone adopting STARTTLS today, only depricating it.

1.1. It works on the same port and therefore will be adopted way
faster. 1.2. Can work out of the box without additional configuration. 1.3. Requires significantly less software modified.
1.4. Not less secure than TLS on a dedicated port because it is
possible to announce TLS support via nodelist. 2. For any kind of TLS something must be decided on certificate authority. 2.1. We can use internet CAs, but this will require additional binding of fidonet
address to internet domain, probably, via nodelist. Doesn't look
shiny. 2.2. We can have own CA but this makes fidonet more
centralized, we will also have to define a secure way of issuing and delivering certificates.

I do agree with your reasons for STARTTLS, they are good reasons.

If binkps over TLS was implemented today I think implicit TLS is the way to do it. We need a binkps listener on port 24553 (or the post you intend to use) and
a way to start a poll to such a listener.

I would be willing to test TLS with you if you like, even using STARTTLS. If we
got some testing under our belt we could discover what works and what doesn't and be in a better position to give feedback to the binkd developer(s).

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: BINKP over TLS
By: Alexey Fayans to Alan Ianson on Wed Dec 18 2019 01:32 pm

Hello Alan!

On Tue, 17 Dec 2019 at 15:02 -0800, you wrote to me:

If you have ideas around security in binkd I would send them directly to one of the binkd developers. Alexey Vissarionov is someone active
in Fidonet and is a binkd deveolper I think. That might be a good
place to start.

I believe Michael Dukelsky (2:5020/1042) is the last active binkd developer.

I've already expressed my ideas, but here's a summary:

1. STARTTLS is the best option because:
1.1. It works on the same port and therefore will be adopted way faster.

binkps requires no protocol change, therefore will be adopted way faster.

1.2. Can work out of the box without additional configuration.

Not sure what "box" you're referring to, but there's currently no BinkP mailers that support STARTTLS, so how could you possibly know what configuration will be needed?

1.3. Requires significantly less software modified.

I actually implemented binkps is less than an 30 minutes. I took a working binkp implementation and made it binkps with less than 10 lines of added or changed code. Others have run completely unmodified BinkD over TLS already. So far, nobody has implemented STARTTLS, so there's nothing to compare it to, but comparing it to zero means binkps wins again.

1.4. Not less secure than TLS on a dedicated port because it is possible to announce TLS support via nodelist.

STARTTLS is well known to be less secure than Implicit TLS: https://www.agwa.name/blog/post/starttls_considered_harmful

2. For any kind of TLS something must be decided on certificate authority.

Nope. Self-signed certificates provide privacy via TLS just fine.

2.1. We can use internet CAs, but this will require additional binding of fidonet address to internet domain, probably, via nodelist. Doesn't look shiny. 2.2. We can have own CA but this makes fidonet more centralized, we will also have to define a secure way of issuing and delivering certificates.

A CA is only needed if you're going to use TLS for trust. If you're only using TLS for privacy, then a CA-signed certificate is not needed.

digital man

This Is Spinal Tap quote #41:
Ian Faith: It say's "Memphis show cancelled due to lack of advertising funds." Norco, CA WX: 48.4°F, 42.0% humidity, 0 mph SW wind, 0.00 inches rain/24hrs

I've already expressed my ideas, but here's a summary:

1. STARTTLS is the best option because:

How do you encrypt the metadata that is sent on connection? Can STARTTLS negotiated before node infos are sent? Will this add another roundtrip?

Direct TLS will give us a quick path to QUIC, which would reduce connection times instead of making the protocol slower.

2. For any kind of TLS something must be decided on certificate
authority.

Or don't us a CA. There is DANE, TOFU and we still have the encrypted session password for authentication ...


* Origin: kakistocracy (2:280/464.47)

Hello Alan!

On Wed, 18 Dec 2019 at 17:12 -0800, you wrote to me:

I don't think STARTTLS is what we want today.

Why?

In the early going of TLS it was probably the only way forward since
there were many destinations that did not support TLS, that is not the case today. I don't read of anyone adopting STARTTLS today, only depricating it.

I only see a proposal to deprecate STARTTLS _implementation_ in SMTP and other e-mail protocols because obviously implementation has flaws. If implemented properly, I don't see any reason for deprecation.

If binkps over TLS was implemented today I think implicit TLS is the
way to do it.

I don't agree. If it will be implemented this way, I can bet it will be adopted
by less than 1% of systems.

We need a binkps listener on port 24553 (or the post you
intend to use) and a way to start a poll to such a listener.

And for that we will need a lot of software updated on a lot of systems. Which will most probably never happen.

I would be willing to test TLS with you if you like, even using
STARTTLS. If we got some testing under our belt we could discover what works and what doesn't and be in a better position to give feedback to
the binkd developer(s).

I am not a true coder, at least, I don't have enough skill/time to implement any kind of TLS support in binkd. If someone will do it, I'll be happy to test.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Rob!

On Wed, 18 Dec 2019 at 20:54 -0800, you wrote to me:

binkps requires no protocol change, therefore will be adopted way
faster.

Explain, how can something that requires manual configuration changes be adopted way faster than something that doesn't, if at all?

1.2. Can work out of the box without additional configuration.

Not sure what "box" you're referring to, but there's currently no
BinkP mailers that support STARTTLS, so how could you possibly know
what configuration will be needed?

I mean that STARTTLS-enabled mailers will continue to connect with older versions and vice versa, and once both sides support STARTTLS, it will start working without any additional actions or configuration changes.

1.3. Requires significantly less software modified.

I actually implemented binkps is less than an 30 minutes.

I already explained what I mean. Not a protocol implementation on a single node, but whole infrastructure to make it all work on all nodes.

Or in other words, why my binkp still not using TLS when connecting to your node? Do you get what I mean?

1.4. Not less secure than TLS on a dedicated port because it is
possible to announce TLS support via nodelist.

STARTTLS is well known to be less secure than Implicit TLS: https://www.agwa.name/blog/post/starttls_considered_harmful

I already said a few times that this and other articles criticize existing implementations flaws. I will say that again. If designed properly, it will be as secure as TLS on a dedicated port, just more flexible. And FIDONET ecosystem
allows that.

2. For any kind of TLS something must be decided on certificate
authority.

Nope. Self-signed certificates provide privacy via TLS just fine.
A CA is only needed if you're going to use TLS for trust. If you're
only using TLS for privacy, then a CA-signed certificate is not
needed.

The whole sentence is wrong. CA is required to make sure that the certificate provided by server was not replaced by an attacker during MitM attack. With self-signed certificate you can never tell that you are connecting to the real system, unless you know a CA pubkey used to sign that self-signed certificate. That's kinda basic stuff.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Oli!

On Thu, 19 Dec 2019 at 07:38 +0100, you wrote to me:

1. STARTTLS is the best option because:

How do you encrypt the metadata that is sent on connection? Can
STARTTLS negotiated before node infos are sent?

I think I already answered this question. One option is to wait for STARTTLS command from client for a few seconds on incoming connection before sending metadata. That will introduce a few seconds connection delay with older clients, though. There might be a better solution, I just don't know the binkp protocol good enough.

Will this add another roundtrip?
Direct TLS will give us a quick path to QUIC, which would reduce connection times instead of making the protocol slower.

Things like that matter in real-time applications, i.e. ajax web pages that make thousands of small requests to server. Not our case really.

2. For any kind of TLS something must be decided on certificate
authority.

Or don't us a CA. There is DANE, TOFU and we still have the encrypted session password for authentication ...

Without CA the whole thing is just pointless and subject to simple MitM attack.
So why even talking about security?

DANE and TOFU are ways to tell that the system supports TLS, not a way to verify its certificate.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

I don't think STARTTLS is what we want today.

Why?

Because of what I have read others say on the subject. I really have no good idea why it is frowned upon.

The first encounter I had with binkps was about a year ago when SSL/TLS was introduced in Mystic. Mystic has oppotunistic SSL/TLS support. It had to be oppotunistic since James knew at the outset there would be mailers in the mix that did not support SSL/TLS. James received a lot of feedback on the subject that implicit TLS was the way to go rather that Opportunistic.

Since then I have looked up the subject. There is a mountain of information on the subject and I have not read it all, but I don't see folks adopting STARTTLS
today, only depricating it.

In the early going of TLS it was probably the only way forward
since there were many destinations that did not support TLS, that
is not the case today. I don't read of anyone adopting STARTTLS
today, only depricating it.

I only see a proposal to deprecate STARTTLS _implementation_ in SMTP
and other e-mail protocols because obviously implementation has flaws.
If implemented properly, I don't see any reason for deprecation.

The proposal to depricate STARTTLS is enough for me to depricate it. I am relying the the experience of others and best practise today.

If binkps over TLS was implemented today I think implicit TLS is
the way to do it.

I don't agree. If it will be implemented this way, I can bet it will
be adopted by less than 1% of systems.

In discussions I have had, I have recieved only possitive feedback on the idea of implementing binkps with TLS. I will go ahead and implement binkps in my own
setup when I can, with nodes who wish it and support it.

I have done this already with Mystic's mailer (Mystic's implementation needs work) and Synchronet's BinkIT mailer. binkps using TLS is a reality today for those using the BinkIT mailer. I have successfully sent and recieved netmail using Synchronet's BinkIT mailer with binkd on the remote side.

BinkIT's mailer uses implicit TLS and is very secure and I would like to be able to do this with binkd as well, since I use binkd on my node 153/757.

If binkd could listen on a secure TLS port (24553) and poll nodes listening on a secure port I'm sure it would be widely accepted although I wouldn't guess a pecentage.

We need a binkps listener on port 24553 (or the post you
intend to use) and a way to start a poll to such a listener.

And for that we will need a lot of software updated on a lot of
systems. Which will most probably never happen.

For a start there is the BinkIT mailer that supports TLS now. There are other mailers in use also that likely won't be updated (Argus/Irex) but I think the binkd mailer is the most used today looking at my own logs. If binkd supported TLS most nodes could use it if they choose to.

It would be used here at my node.

I would be willing to test TLS with you if you like, even using
STARTTLS. If we got some testing under our belt we could discover
what works and what doesn't and be in a better position to give
feedback to the binkd developer(s).

I am not a true coder, at least, I don't have enough skill/time to implement any kind of TLS support in binkd. If someone will do it,
I'll be happy to test.

I am going to ask some nodes who have done this for advice on how they did it and if I can do it will netmail you my findings and we can do some testing if you would like.

I just need to get a bit of free time.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: BINKP over TLS
By: Alexey Fayans to Rob Swindell on Fri Dec 20 2019 01:24 am

2. For any kind of TLS something must be decided on certificate
authority.

Nope. Self-signed certificates provide privacy via TLS just fine.
A CA is only needed if you're going to use TLS for trust. If you're only using TLS for privacy, then a CA-signed certificate is not
needed.

The whole sentence is wrong. CA is required to make sure that the certificate provided by server was not replaced by an attacker during MitM attack. With self-signed certificate you can never tell that you are connecting to the real system, unless you know a CA pubkey used to sign that self-signed certificate. That's kinda basic stuff.

True, if you're concerned about active MitM attacks (not just passive-snooping). But if you're concerned about active MitM attacks, then you don't want to use STARTTLS either.

digital man

Synchronet "Real Fact" #94:
Synchronet v3.15b was released in October of 2011 (5 years after v3.14a). Norco, CA WX: 65.0°F, 24.0% humidity, 1 mph ESE wind, 0.00 inches rain/24hrs

On 19 Dec 2019 at 02:41p, Alan Ianson pondered and said...

If binkd could listen on a secure TLS port (24553) and poll nodes listening on a secure port I'm sure it would be widely accepted although
I wouldn't guess a pecentage.

Yep supportive of this also.

If binkd supported TLS most nodes could use it if they choose to.
It would be used here at my node.

I would welcome this too.

Best, Paul

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Alan!

On Thu, 19 Dec 2019 at 14:41 -0800, you wrote to me:

I don't think STARTTLS is what we want today.

Why?

Because of what I have read others say on the subject. I really have
no good idea why it is frowned upon.

Well, it's not a strong argument you know.

The first encounter I had with binkps was about a year ago when
SSL/TLS was introduced in Mystic. Mystic has oppotunistic SSL/TLS
support. It had to be oppotunistic since James knew at the outset
there would be mailers in the mix that did not support SSL/TLS. James received a lot of feedback on the subject that implicit TLS was the
way to go rather that Opportunistic.

Yeah, I guess similar to something I read here. Just some criticism of existing
imperfect implementations.

Since then I have looked up the subject. There is a mountain of information on the subject and I have not read it all, but I don't see folks adopting STARTTLS today, only depricating it.

Any examples of real deprecations? Even if there are, I bet only implementations where client cannot verify if server supports TLS (like initial
SMTP implementation) are being deprecated.

I only see a proposal to deprecate STARTTLS _implementation_ in
SMTP and other e-mail protocols because obviously implementation
has flaws. If implemented properly, I don't see any reason for
deprecation.

The proposal to depricate STARTTLS is enough for me to depricate it. I
am relying the the experience of others and best practise today.

Only existing SMTP implementation is deprecated because it was designed in such
a way that client cannot know if server supports TLS.

It's also a good thing to be smart when relying on the experience of others. You need to understand the reasons why others are making these decisions. And if these reasons are applicable to the topic (they are not).

I don't agree. If it will be implemented this way, I can bet it
will be adopted by less than 1% of systems.

In discussions I have had, I have recieved only possitive feedback on
the idea of implementing binkps with TLS. I will go ahead and
implement binkps in my own setup when I can, with nodes who wish it
and support it.

Sure, it will still less than 1% of all nodes.

I have done this already with Mystic's mailer (Mystic's implementation needs work) and Synchronet's BinkIT mailer. binkps using TLS is a
reality today for those using the BinkIT mailer. I have successfully
sent and recieved netmail using Synchronet's BinkIT mailer with binkd
on the remote side.

I know that it is not hard from technical side. I can even run both TLS and clear text protocols on the same port via SSLH. What I am talking about is that
it requires some actions from every single node to start using binkps. And these actions are way more than simple binary update. Knowing how most people don't like to change configuration I just predict the failure of the protocol because the majority of sysops will simply ignore it.

BinkIT's mailer uses implicit TLS and is very secure and I would like
to be able to do this with binkd as well, since I use binkd on my node 153/757.

Let's start talking about "very secure" when there will be a mechanism to verify/trust peers' certificates. Right now it's as secure as plain text.

If binkd could listen on a secure TLS port (24553) and poll nodes listening on a secure port I'm sure it would be widely accepted
although I wouldn't guess a pecentage.

Yeah, the problem is that it won't magically start doing that.

For a start there is the BinkIT mailer that supports TLS now.

Great. How many sysops are using it?

There are other mailers in use also that likely won't be updated (Argus/Irex) but I think the binkd mailer is the most used today
looking at my own logs. If binkd supported TLS most nodes could use it
if they choose to.

Have you seen binkd configuration? Currently it is not possible to define a node supporting two protocols specifying ports. And hardcoding TLS port is not an option obviously.

And if we imagine that node syntax will be changed, binkd nodelist parser(s) will need to be updated as well in order to understand nodelist flag where binkps port is specified (similar to IBN).

I am not a true coder, at least, I don't have enough skill/time
to implement any kind of TLS support in binkd. If someone will do
it, I'll be happy to test.

I am going to ask some nodes who have done this for advice on how they
did it and if I can do it will netmail you my findings and we can do
some testing if you would like.

Sure.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Rob!

On Thu, 19 Dec 2019 at 15:43 -0800, you wrote to me:

The whole sentence is wrong. CA is required to make sure that the
certificate provided by server was not replaced by an attacker
during MitM attack. With self-signed certificate you can never tell
that you are connecting to the real system, unless you know a CA
pubkey used to sign that self-signed certificate. That's kinda
basic stuff.

True, if you're concerned about active MitM attacks (not just passive-snooping).

Isn't it your main argument against STARTTLS?

But if you're concerned about active MitM attacks,
then you don't want to use STARTTLS either.

Why not? It is perfectly mitigated and I explained that a few times already. You gotta stop looking back at old SMTP implementation that wasn't designed against active MitM attacks in the first place.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Re: BINKP over TLS
By: Alexey Fayans to Rob Swindell on Fri Dec 20 2019 04:12 pm

Hello Rob!

On Thu, 19 Dec 2019 at 15:43 -0800, you wrote to me:

The whole sentence is wrong. CA is required to make sure that the
certificate provided by server was not replaced by an attacker
during MitM attack. With self-signed certificate you can never tell
that you are connecting to the real system, unless you know a CA
pubkey used to sign that self-signed certificate. That's kinda
basic stuff.

True, if you're concerned about active MitM attacks (not just passive-snooping).

Isn't it your main argument against STARTTLS?

Under no case is Opportunistic TLS (e.g. STARTTLS) as secure as Implicit TLS. Yes, the use of self-signed certs is less secure than CA-signed certs, but that's a different matter and true for both Opportunistic and Implicit TLS.

But if you're concerned about active MitM attacks,
then you don't want to use STARTTLS either.

Why not? It is perfectly mitigated and I explained that a few times already. You gotta stop looking back at old SMTP implementation that wasn't designed against active MitM attacks in the first place.

I look at all the applications of Opportunistic TLS and they're all less secure than Implicit TLS.

digital man

Synchronet/BBS Terminology Definition #73:
TCP = Transmission Control Protocol
Norco, CA WX: 66.7°F, 22.0% humidity, 3 mph WSW wind, 0.00 inches rain/24hrs

Hello Rob!

On Fri, 20 Dec 2019 at 09:56 -0800, you wrote to me:

Isn't it your main argument against STARTTLS?

Under no case is Opportunistic TLS (e.g. STARTTLS) as secure as
Implicit TLS.

So far you didn't provide a single fact proving that good STARTTLS implementation is less secure than TLS on a dedicated port.

Yes, the use of self-signed certs is less secure than
CA-signed certs, but that's a different matter and true for both Opportunistic and Implicit TLS.

Use of self-signed certs without a well-defined and implemented mandatory mechanism to verify these certs (either trusted CA or any other similar way) just turns whole security talk into a joke. Seriously.

Why not? It is perfectly mitigated and I explained that a few times
already. You gotta stop looking back at old SMTP implementation
that wasn't designed against active MitM attacks in the first
place.

I look at all the applications of Opportunistic TLS and they're all
less secure than Implicit TLS.

Examples? Maybe you are just looking at bad / not suitable implementations. Not
all implementations are focused on MitM protection and that is fine, similar to
use of self-signed certs just to make it a bit harder to sniff the traffic.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Re: BINKP over TLS
By: Alexey Fayans to Rob Swindell on Fri Dec 20 2019 09:09 pm

Hello Rob!

On Fri, 20 Dec 2019 at 09:56 -0800, you wrote to me:

Isn't it your main argument against STARTTLS?

Under no case is Opportunistic TLS (e.g. STARTTLS) as secure as Implicit TLS.

So far you didn't provide a single fact proving that good STARTTLS implementation is less secure than TLS on a dedicated port.

Opportunistic TLS gives both the client and the server (or a MitM) the ability to "opt-out" of using TLS. With an Implicit TLS session, no such option is availble; the entire TCP session is secure, or it doesn't exist.

Yes, the use of self-signed certs is less secure than
CA-signed certs, but that's a different matter and true for both Opportunistic and Implicit TLS.

Use of self-signed certs without a well-defined and implemented mandatory mechanism to verify these certs (either trusted CA or any other similar way) just turns whole security talk into a joke. Seriously.

A less funny joke than Binkd's CRYPT option. Seriously.

Why not? It is perfectly mitigated and I explained that a few times
already. You gotta stop looking back at old SMTP implementation
that wasn't designed against active MitM attacks in the first
place.

I look at all the applications of Opportunistic TLS and they're all less secure than Implicit TLS.

Examples?

NNTP, FTP, IRC.

Maybe you are just looking at bad / not suitable implementations.
Not all implementations are focused on MitM protection and that is fine, similar to use of self-signed certs just to make it a bit harder to sniff the traffic.

Security is a moving target. If you're going to implement something, as I have with binkps, you shoot for the state of the art, today's best practices, not yesterday's. STARTTLS is yesterday's solution to TCP session security and is being phased-out. It would be silly to implement STARTTLS in a newly-defined TCP applictaion protocol today.

digital man

Synchronet/BBS Terminology Definition #35:
HTTP = Hypertext Transfer Protocol
Norco, CA WX: 71.9°F, 20.0% humidity, 1 mph W wind, 0.00 inches rain/24hrs

Hello Alexey,

Well, it's not a strong argument you know.

It's not my intention to argue at all.

Since then I have looked up the subject. There is a mountain of
information on the subject and I have not read it all, but I
don't see folks adopting STARTTLS today, only depricating it.

Any examples of real deprecations? Even if there are, I bet only implementations where client cannot verify if server supports TLS
(like initial SMTP implementation) are being deprecated.

They are everywhere, easy to find. I won't attempt listing them.

BinkIT's mailer uses implicit TLS and is very secure and I would
like to be able to do this with binkd as well, since I use binkd
on my node 153/757.

Let's start talking about "very secure" when there will be a mechanism
to verify/trust peers' certificates. Right now it's as secure as plain text.

Is implicit TLS anything less than very secure?

How is it "as secure as plain text" ?

If binkd could listen on a secure TLS port (24553) and poll nodes
listening on a secure port I'm sure it would be widely accepted
although I wouldn't guess a pecentage.

Yeah, the problem is that it won't magically start doing that.

I'm not suggesting magic. For now, nodes who want binkd to listen for TLS will need to run a second listener.

For a start there is the BinkIT mailer that supports TLS now.

Great. How many sysops are using it?

I have one link using the binkit mailer. How many use it is unknown to me.

There are other mailers in use also that likely won't be updated
(Argus/Irex) but I think the binkd mailer is the most used today
looking at my own logs. If binkd supported TLS most nodes could
use it if they choose to.

Have you seen binkd configuration? Currently it is not possible to
define a node supporting two protocols specifying ports. And
hardcoding TLS port is not an option obviously.

Ultimately I would like binkd to listen on port 24553 for incoming polls over TLS, and I need a way to configure binkd to poll supporting nodes over TLS where it is supported.

That was an easy sentence to write but may not be so easy to impliment.

The above sums up my thoughts on the matter. That can work now. I am still not to a point where I would ask the binkd deveolopers for anything. In fact, the binkd developers may have other ideas around what a binkps protocol might look like.

And if we imagine that node syntax will be changed, binkd nodelist parser(s) will need to be updated as well in order to understand
nodelist flag where binkps port is specified (similar to IBN).

When we have a binkps standard to work with we can do all that.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Rob!

On Fri, 20 Dec 2019 at 11:55 -0800, you wrote to me:

So far you didn't provide a single fact proving that good STARTTLS
implementation is less secure than TLS on a dedicated port.

Opportunistic TLS gives both the client and the server (or a MitM) the ability to "opt-out" of using TLS.

Depends on implementation. Protocol (binkp) may require to drop connection if TLS negotiation fails with a node that supports TLS according to nodelist.

With an Implicit TLS session, no such option is availble; the entire
TCP session is secure, or it doesn't exist.

And how is it more secure than above?

Use of self-signed certs without a well-defined and implemented
mandatory mechanism to verify these certs (either trusted CA or any
other similar way) just turns whole security talk into a joke.
Seriously.

A less funny joke than Binkd's CRYPT option. Seriously.

Sure, but did I ever speak about it?

Why not? It is perfectly mitigated and I explained that a few

times

already. You gotta stop looking back at old SMTP implementation
that wasn't designed against active MitM attacks in the first
place.

I look at all the applications of Opportunistic TLS and

they're all

less secure than Implicit TLS.

Examples?

NNTP, FTP, IRC.

Sure, all very old designs without security in mind. Also, all of these are just services while FIDONET is an ecosystem and has a nodelist where TLS support can be indicated. That makes a perfect platform for a truly secure STARTTLS implementation.

Maybe you are just looking at bad / not suitable implementations.
Not all implementations are focused on MitM protection and that is
fine, similar to use of self-signed certs just to make it a bit
harder to sniff the traffic.

Security is a moving target. If you're going to implement something,
as I have with binkps, you shoot for the state of the art, today's
best practices, not yesterday's.

Like I said earlier, there is no universal standard for everything. When you design something, you gotta be smart and understand well what you are doing and
why.

STARTTLS is yesterday's solution

Nope, only a few not very well designed implementations are `yesterdays solution`.

It would be silly to
implement STARTTLS in a newly-defined TCP applictaion protocol today.

Nope, it will be silly to design a protocol that has no future.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alan!

On Fri, 20 Dec 2019 at 14:31 -0800, you wrote to me:

Let's start talking about "very secure" when there will be a
mechanism to verify/trust peers' certificates. Right now it's as
secure as plain text.

Is implicit TLS anything less than very secure?
How is it "as secure as plain text" ?

It is not secure at all when client cannot verify server's certificate authenticity. Anyone in the middle can issue own self-signed certificate and client will be happy to accept it.

Yeah, the problem is that it won't magically start doing that.

I'm not suggesting magic. For now, nodes who want binkd to listen for
TLS will need to run a second listener.

For now it's not even a FTS proposal, so we are not talking about now, we are talking about what it can be if done properly.

For a start there is the BinkIT mailer that supports TLS now.

Great. How many sysops are using it?

I have one link using the binkit mailer. How many use it is unknown to
me.

Not many. I don't have numbers, but I'd guess that binkd runs on like 90% of all binkp nodes. The rest 10% is shared between multi-protocol mailers and some
exotic software like BinkIT (I never even heard of it before you named it).

Have you seen binkd configuration? Currently it is not possible
to define a node supporting two protocols specifying ports. And
hardcoding TLS port is not an option obviously.

Ultimately I would like binkd to listen on port 24553 for incoming
polls over TLS, and I need a way to configure binkd to poll supporting nodes over TLS where it is supported.
That was an easy sentence to write but may not be so easy to
impliment.

You cannot force everyone to use a single port. At some places that just cannot
be done, i.e. when several nodes are sharing a single IP address.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

Wednesday December 18 2019, Alexey Fayans wrote to Alan Ianson:

I believe Michael Dukelsky (2:5020/1042) is the last active binkd developer.

Sorry no, I am not a binkd developer. Neither is Alexey Vissarionov. From time to time I make some changes in RNtrack and Husky, but not in binkd.

Michael

... node (at) f1042 (dot) ru
--- GoldED+/LNX 1.1.5-b20170303
* Origin: Moscow, Russia (2:5020/1042)

Hello Alexey,

Ultimately I would like binkd to listen on port 24553 for
incoming polls over TLS, and I need a way to configure binkd to
poll supporting nodes over TLS where it is supported. That was an
easy sentence to write but may not be so easy to impliment.

You cannot force everyone to use a single port. At some places that
just cannot be done, i.e. when several nodes are sharing a single IP address.

I don't want to force anything. I simply want to listen on port 24553 for TLS capable sessions.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Michael!

On Sat, 21 Dec 2019 at 13:13 +0300, you wrote to me:

I believe Michael Dukelsky (2:5020/1042) is the last active binkd
developer.

Sorry no, I am not a binkd developer. Neither is Alexey Vissarionov.
From time to time I make some changes in RNtrack and Husky, but not in binkd.

Ouch. Do you know if Pavel Gulchouck (2:463/68) is still active?


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alan!

On Sat, 21 Dec 2019 at 13:58 -0800, you wrote to me:

Ultimately I would like binkd to listen on port 24553 for
incoming polls over TLS, and I need a way to configure binkd to
poll supporting nodes over TLS where it is supported. That was
an easy sentence to write but may not be so easy to impliment.

You cannot force everyone to use a single port. At some places
that just cannot be done, i.e. when several nodes are sharing a
single IP address.

I don't want to force anything. I simply want to listen on port 24553
for TLS capable sessions.

That is fine if you are going to only accept connection. But if we speaking about an protocol implementation, all aspects should be considered and though through.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

Sunday December 22 2019, Alexey Fayans wrote to Michael Dukelsky:

I believe Michael Dukelsky (2:5020/1042) is the last active
binkd developer.

Sorry no, I am not a binkd developer. Neither is Alexey
Vissarionov. From time to time I make some changes in RNtrack and
Husky, but not in binkd.

Ouch. Do you know if Pavel Gulchouck (2:463/68) is still active?

I haven't heard anything from him for rather a long time. Maybe he is just reading, I don't know.

Michael

... node (at) f1042 (dot) ru
--- GoldED+/LNX 1.1.5-b20170303
* Origin: Moscow, Russia (2:5020/1042)

Hello Alan!

On Fri, 20 Dec 2019 at 15:41 +0300, I wrote to you:

I know that it is not hard from technical side. I can even run both
TLS and clear text protocols on the same port via SSLH.

Actually I did it just for fun as a PoC. My system is reachable both via binkp and binkps on a single port - 24554. It also uses a LetsEncrypt certificate. You can try it.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

On 23 Dec 2019 at 09:28p, Alexey Fayans pondered and said...

Actually I did it just for fun as a PoC. My system is reachable both via binkp and binkps on a single port - 24554. It also uses a LetsEncrypt certificate. You can try it.

If you could share the steps I would love to repro this and test also :)

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hello Alexey,

Actually I did it just for fun as a PoC. My system is reachable both
via binkp and binkps on a single port - 24554. It also uses a
LetsEncrypt certificate. You can try it.

I did poll your node successfully over binkps, I think.

I also sent you a netmail from 1:153/757.2 and I think it was sent to your node
by binkps.

If you'd like to try that in the reverse direction Equinox BBSs details are..

equinoxbbs.ddns.net
Binkp is port 24554 and binkps is 24555.

I Don't know how to get binkd to listen or poll over binkps/TLS. If I can figure that out I will test on my node.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Alexey,

If you'd like to try that in the reverse direction Equinox BBSs
details are..

EquinoxBBS is node 1:153/757.2

equinoxbbs.ddns.net
Binkp is port 24554 and binkps is 24555.

I Don't know how to get binkd to listen or poll over binkps/TLS. If I
can figure that out I will test on my node.

Ttyl :-),
Al

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Paul!

On Tue, 24 Dec 2019 at 10:32 +1300, you wrote to me:

Actually I did it just for fun as a PoC. My system is reachable
both via binkp and binkps on a single port - 24554. It also uses
a LetsEncrypt certificate. You can try it.

If you could share the steps I would love to repro this and test also
:)

I have latest version of SSLH (built from source) running with this config:

=== Start of Windows Clipboard ===
verbose: 0;
foreground: true;
inetd: false;
numeric: true;
transparent: false;
timeout: 2;
user: "nobody";
pidfile: "/var/run/sslh.pid";
chroot: "/opt/sslh";

syslog_facility: "auth";

listen:
(
{ host: "0.0.0.0"; port: "24554"; },
{ host: "::"; port: "24554"; }
);

protocols:
(
{ name: "tls"; host: "127.0.0.1"; port: "24553"; },
{ name: "anyprot"; host: "192.168.1.2"; port: "24554"; }
);

on_timeout: "anyprot";
=== End of Windows Clipboard ===

And haproxy listening on 24553 with the following config:

=== Start of Windows Clipboard ===
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon

# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private

ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM
ssl-default-bind-options no-sslv3

# Custom
tune.ssl.default-dh-param 2048

defaults
log global
timeout connect 5000
timeout client 50000
timeout server 50000

listen binkps
mode tcp
bind 127.0.0.1:24553 ssl crt /etc/ssl/certs/bsrealm.net.pem
server binkd 192.168.1.2:24554
=== End of Windows Clipboard ===

Please note that latest SSLH has a bug in on_timeout (on-timeout) config directive handling (see https://github.com/yrutschle/sslh/issues/253) so maybe it's a good idea to use version supplied by your distro.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alan!

On Mon, 23 Dec 2019 at 14:07 -0800, you wrote to me:

I did poll your node successfully over binkps, I think.
I also sent you a netmail from 1:153/757.2 and I think it was sent to
your node by binkps.

Yep, all went good.

If you'd like to try that in the reverse direction Equinox BBSs
details are..

I will wait for some kind of standard, when I can force binkd to use TLS based on nodelist flags automatically.. :)

I Don't know how to get binkd to listen or poll over binkps/TLS. If I
can figure that out I will test on my node.

I just posted my config, so you can try it if you like. But that's about listenig. I didn't try polling anyone, but I think someone here posted an example.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

Yep, all went good.

Good stuff.

If you'd like to try that in the reverse direction Equinox BBSs
details are..

I will wait for some kind of standard, when I can force binkd to use
TLS based on nodelist flags automatically.. :)

OK.

I Don't know how to get binkd to listen or poll over binkps/TLS.
If I can figure that out I will test on my node.

I just posted my config, so you can try it if you like. But that's
about listenig. I didn't try polling anyone, but I think someone here posted an example.

I have a few nodes now I can test with, including yours so I'll get to work on that. Time is an issue. I just got back from shopping and the little lady tells
me she wants to go shopping so I'm out for a time.. ;)

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

I Don't know how to get binkd to listen or
poll over binkps/TLS. If I can figure that
out I will test on my node.

I posted several messages with different options how to do it (in fidonet and fsxnet). If you have some specific questions, I'm happy to help.


* Origin: kakistocracy (2:280/464.47)

Hello Oli,

I Don't know how to get binkd to listen or
poll over binkps/TLS. If I can figure that
out I will test on my node.

I posted several messages with different options how to do it (in
fidonet and fsxnet). If you have some specific questions, I'm happy to help.

I saw some posts by you and others but I got lost in the ports, stunnels and proxy's.

Can you give me an example to..

A. Have binkd listen on port 24553 for binkps/TLS?

B. Poll a binkps node listening for binkps/TLS polls?

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

I posted several messages with different options how to do it (in
fidonet and fsxnet). If you have some specific questions, I'm
happy to help.

I saw some posts by you and others but I got lost in the ports,
stunnels and proxy's.

Can you give me an example to..

A. Have binkd listen on port 24553 for binkps/TLS?

e.g. with nginx (change the path to a valid cert / key pair)

nginx.conf:

stream {
server {
listen 24553 ssl;
ssl_certificate /etc/haproxy/ssl/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/haproxy/ssl/ssl-cert-key-snakeoil.pem;
proxy_pass 127.0.0.1:24554;
}
}

B. Poll a binkps node listening for binkps/TLS polls?

binkd.cfg:

node 1:153/757.2 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" equinoxbbs.ddns.net:24555



* Origin: kakistocracy (2:280/464.47)

Hello Oli,

B. Poll a binkps node listening for binkps/TLS polls?

binkd.cfg:

node 1:153/757.2 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" equinoxbbs.ddns.net:24555

When I poll 153/757.2 like this from 153/757 I get a TLS error. At the remote side (153/757.2) I see this..

BINKPS connection accepted from: 2600:3c04::f03c:92ff:fe69:8db0 port 47496 BINKPS JavaScript service thread started
BINKPS TLS ERROR 'Recieved TLS alert message: Handshake failure' (-15) setting session active

I'm currently using a self signed cert on 153/757.2, could that be the problem?

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Oli,

Can you give me an example to..

A. Have binkd listen on port 24553 for binkps/TLS?

e.g. with nginx (change the path to a valid cert / key pair)

nginx.conf:

stream {
server {
listen 24553 ssl;
ssl_certificate
/etc/haproxy/ssl/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/haproxy/ssl/ssl-cert-key-snakeoil.pem;
proxy_pass 127.0.0.1:24554;
}
}

Thanks for that, I have binkd listening over TLS now successfully and I can poll 153/757 from 153/757.2

B. Poll a binkps node listening for binkps/TLS polls?

binkd.cfg:

node 1:153/757.2 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" equinoxbbs.ddns.net:24555

I'm still getting the error I mentioned, I'll keep working on that.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

When I poll 153/757.2 like this from 153/757
I get a TLS error. At the remote side
(153/757.2) I see this..

BINKPS connection accepted from:
2600:3c04::f03c:92ff:fe69:8db0 port 47496
BINKPS JavaScript service thread started
BINKPS TLS ERROR 'Recieved TLS alert
message: Handshake failure' (-15) setting
session active

i think it is a problem with the TLS library binkit is using.

I'm currently using a self signed cert on
153/757.2, could that be the problem?

self-signed should be fine, but their might be other problems with the cert. have you tried another one?


* Origin: kakistocracy (2:280/464.47)

Hello Oli,

BINKPS connection accepted from:
2600:3c04::f03c:92ff:fe69:8db0 port 47496
BINKPS JavaScript service thread started
BINKPS TLS ERROR 'Recieved TLS alert
message: Handshake failure' (-15) setting
session active

i think it is a problem with the TLS library binkit is using.

I have exchanged netmail with a node using binkd at the remote side. I'll have to figure that out, and find a workable way.

I'm currently using a self signed cert on
153/757.2, could that be the problem?

self-signed should be fine, but their might be other problems with the cert. have you tried another one?

Not yet. It is posible to use a letsencrypt cert with Synchronet. If I can't get passed this I'll give it a shot.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

On 23.12.2019 21:28, Alexey Fayans - Alan Ianson :

On Fri, 20 Dec 2019 at 15:41 +0300, I wrote to you:

 AF> I know that it is not hard from technical side. I can even run both
 AF> TLS and clear text protocols on the same port via SSLH.

Actually I did it just for fun as a PoC. My system is reachable both
via binkp and binkps on a single port - 24554. It also uses a
LetsEncrypt certificate. You can try it.

===
node 2:5030/1997 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" * ===

10:55 [13564] BEGIN, binkd/1.1a-99/Linux -pP 2:5030/1997 /etc/binkd/binkd.cfg - 10:55 [13564] Nodelist /bbs/file/base/nodelist/Z2DAILY.363 parsed, 1023 IP-nodes processed (0 sec)
10:55 [13564] creating a poll for 2:5030/1997@fidonet (`d' flavour)
10:55 [13564] clientmgr started
10:55 [13565] Substituted * to fido.bsrealm.net. for 2:5030/1997@fidonet by nodelist
+ 10:55 [13565] call to 2:5030/1997@fidonet
+ 10:55 [13565] External command 'openssl s_client -quiet -alpn binkp -connect fido.bsrealm.net.:binkp' started, pid 13566
10:55 [13565] connected
+ 10:55 [13565] outgoing session with fido.bsrealm.net:binkp [fido.bsrealm.net.]
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = bsrealm.net
verify return:1
- 10:55 [13565] OPT CRAM-MD5-12d5ce5c4d16a57b570ba9f8d15182ee
+ 10:55 [13565] Remote requests MD mode
- 10:55 [13565] SYS Music Station
- 10:55 [13565] ZYZ Alexey Fayans
- 10:55 [13565] LOC St.Petersburg, Russia
- 10:55 [13565] NDL 100M,IBN,ICM
- 10:55 [13565] TIME Sun, 29 Dec 2019 11:55:29 +0300
- 10:55 [13565] VER binkd/1.0.4/Win32 binkp/1.1
+ 10:55 [13565] addr: 2:5030/1997@fidonet
+ 10:55 [13565] addr: 2:5030/1997.9@fidonet

:)

'Tommi

---
* Origin: nntps://news.fidonet.fi (2:221/6.0)

On Tue 17-Dec-2019 8:33 , Oli@2:275/201.0 said to Alexey Fayans:

No it doesn't. MitM attack can only fool client into thinking
that TLS is not supported. But you can require TLS on a client
side and it will just disconnect, no harm done.

I believe it does.

What is TLS and what is different about it from what we are using today with the standard Binkd config? If your a hub why would you force your clients to use it? Some of us are using some really old operating systems.
--- CNet/5
* Origin: 1:275/201.0 (1:275/201.30)

Hello Phillip,

What is TLS and what is different about it from what we are using
today with the standard Binkd config?

TLS is Transport Layer Security. It is the successor to SSL. When you use a secure https:// website you are using TLS. It is used for security and privacy.

If your a hub why would you force your clients to use it? Some of us
are using some really old operating systems.

I don't think anyone is forcing anything. You can connect to my node as always on port 24554 or using TLS on port 24553.

Ttyl :-),
Al

--- GoldED+/LNX
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

28 Apr 20 22:42, you wrote to All:

On Tue 17-Dec-2019 8:33 , Oli@2:275/201.0 said to Alexey Fayans:

No it doesn't. MitM attack can only fool client into

thinking

that TLS is not supported. But you can require TLS on a

client

side and it will just disconnect, no harm done.

I believe it does.

What is TLS and what is different about it from what we are using
today with the standard Binkd config?

the binkp CRYPT extension requires a session password for the encryption. With TLS it's possible to use encryption without a session password.

If your a hub why would you force your clients to use it?

I think there is some context missing. IIRC correctly the discussion was about opportunistic TLS:. the connection starts as plaintext and then is upgraded to a TLS encrypted session. A man-in-the-middle can strip the TLS negotiation. To mitigate the attack the client could insist on TLS and refuse any plaintext connection. See
https://en.wikipedia.org/wiki/Opportunistic_TLS

There is no standard and for opportunistic TLS with binkp. We are using direct TLS now. The server listens on another port and expects a TLS session on that port (but still can offer plaintext sessions on the IBN port).

Some of us are using some really old operating systems.

It's possible to run a TLS proxy on another machine, like a Raspberry Pi or an OpenWRT based router.

Using Tor and Tor a hidden services is much easier to setup though.


* Origin: kakistocracy (2:280/464.47)

Re: BINKP over TLS
By: Oli to Phillip L Taylor Jr on Wed Apr 29 2020 10:27:16

Using Tor and Tor a hidden services is much easier to setup though.

it also isn't allowed everywhere either... try connecting to my site/system via
Tor using any protocol you desire ;)


)\/(ark
--- SBBSecho 3.11-Linux
* Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12)

29 Apr 20 09:02, you wrote to me:

Using Tor and Tor a hidden services is much easier to setup
though.

it also isn't allowed everywhere either... try connecting to my site/system via Tor using any protocol you desire ;)

If you don't offer a Tor hidden service, I cannot connect to your node's (non existent) .onion address.

Blocking incoming connections from Tor exit nodes doesn't prevent a hidden service from working.

I don't recommend unencrypted binkp connections over Tor exit nodes.


* Origin: kakistocracy (2:280/464.47)

Re: BINKP over TLS
By: Oli to mark lewis on Wed Apr 29 2020 16:19:14

Using Tor and Tor a hidden services is much easier to setup
though.

it also isn't allowed everywhere either... try connecting to my
site/system via Tor using any protocol you desire ;)

If you don't offer a Tor hidden service, I cannot connect to your node's

(non existent) .onion address.

i never said or indicated that i did run such a service... perhaps your statment was too loose or general? or perhaps i misread it? :shrug:

Blocking incoming connections from Tor exit nodes doesn't prevent a

hidden service from working.

no one said it did ;)

blocking incoming from such also blocks outgoing to such, though... my perimeter firewall does an exceptional job of performing that task :)

I don't recommend unencrypted binkp connections over Tor exit nodes.

why not? binkp connections carry state secrets? somehow i don't think so...


)\/(ark
--- SBBSecho 3.11-Linux
* Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12)