Subj : FTSC
To   : Alan Ianson
From : Oli
Date : Fri Nov 22 2019 09:42 pm

 ml>> binkd and others already have completely encrypted session
 ml>> capabilities... even binkit has it ;)

 AI> They do, and both mailers work very well with that encryption. Do
 AI> mailers that support CRYPT need to negotiate a session and exchange
 AI> passwords before the session can be encrypted?

Yes, you need a shared session password. It's also not a completely encrypted 
transmission.

 AI> Mystic has the ability to encrypt binkp sessions also (it uses
 AI> cryptlib) although it hasn't fully matured and needs work.

AFAIK it uses opportunistic TLS (like STARTTLS). The Internet is moving away 
from opportunistic encryption (RFC 8314, "Cleartext Considered Obsolete"). 
Mystics implementation is already a lame duck.

https://en.wikipedia.org/wiki/Opportunistic_TLS#Weaknesses_and_mitigations

 AI> I was thinking about this and the posibility of a standard so
 AI> different mailers could use secure binkp. Alexey said something about
 AI> secure binkp that made me curious.

 AI> Would binkp over TLS (or really, any secure method) be a good thing?

Why wouldn't it? :)

--- GoldED+/LNX 1.1.5-b20180707
 * Origin: kakistocracy (2:280/464.47)

.