Hello Tommi,

On Tuesday November 12 2019 18:34, you wrote to me:

Indeed, that too is annoying. The TZUTC kludge was introduced in
1997 by Odinn S›rensen per FSP-1001. TWENTY TWO YEARS AGO! It was
documented as a standard (FTS-4008) by the FTSC in 2003. SIXTEEN
YEARS ago! There is really no excuse for not implementing it. It
isn't rocket science. :(

We can live without ^AREPLY but nowadays messages go around the world
in seconds. That's why ^TZUTC would be quite nice to have when sorting messages by time/date.

It is my considered opinion that the TZUTC kludge is indeed a kludge. I.e. a measure to compensate for a design flaw. The founding fathers of Fidonet flawed
by using local time instead of UTC when sending messages across the world. Hams
- that are well represented in Fidonet - have been using UTC (previously GMT) in international communications almost from the start. So why the founding fathers choose to use local time in messages is a mystery to me. Anyway, that is how it is and the TZUTC kludge is a workaround that works.
So why make things difficult and refuse to implement it?


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: http://www.vlist.org (2:280/5555)

Hello Tommi!

** 12.11.19 - 18:34, Tommi Koivula wrote to Michiel van der Vlist:

We can live without ^AREPLY but nowadays messages go around the world
in seconds. That's why ^TZUTC would be quite nice to have when sorting
messages by time/date.

^AREPLY works so beautifully in WinPoint (2007) /Apoint (2001) /OpenXP (at least since 2013).

In both Winpoint and Apoint, the "view thread" graphic tree opens above
the current message when requested.

In OpenXp the graphic tree is invoked with Ctrl-#.

The thread/tree makes it very nice to follow a conversation of interest,
or kill a branch of no interest.

It is a shame that messages without the kludge are not part of the visible thread. Those messages can be anywhere in the timeline, and hard to
locate.

With messages lacking ^AREPLY we can only resort to the Subject - which
can be a nighmare especially when people don't bother to adjust the
Subject line when the topic changes. :( Case in point: "IC and 3 symbols
in msg" has gone on long enough! Argghhh. LOL

As far as I can tell TZUTC is well utilized in all 3.

Today's Fido progs can only *improve* with implementing both kludges to
make this experience less frustrating.



../|ug

--- OpenXP 5.0.40
* Origin: /|ug's Point, Ont. CANADA (2:221/1.58)

On 11-12-19 12:19, Michiel Van Der Vlist <=-
spoke to Terry Roati about IC and 3 symbols in msg <=-

MVDV> Apart from the fact that omitting a REPLY kludge in a reply
MVDV> when there is a MSGID, is in violation of FTS-0009, it is
MVDV> bloody annoying.

Are you still spouting that fake news? Both REPLY and MSGID are
optional. One can use use MSGID or not. One can use REPLY only if the
message being replied to has a MSGID, but is not required to do so.
*IF* one uses them, they must be in the format and specification
contained in FTS-0009. To quote:

Implementation of the protocols defined in this document is not
mandatory, but all implementations of these protocols are expected to
adhere to this standard.

Note the words "protocols" (plural) and "these" (also plural). It is
not a single protocol, but two separate protocols.

Dale Shipp
fido_261_1466 (at) verizon (dot) net
(1:261/1466)


... Shipwrecked on Hesperus in Columbia, Maryland. 00:38:08, 13 Nov 2019
___ Blue Wave/DOS v2.30

--- Maximus/NT 3.01
* Origin: Owl's Anchor (1:261/1466)

Hi August.

12 Nov 19 19:39:00, you wrote to me:

@MSGID: 2:221/1.58@fidonet de58e816
@REPLY: 2:221/0.1 5dcb2658
@PID: OpenXP/5.0.40 (Win32)
@CHRS: ASCII 1

...

As far as I can tell TZUTC is well utilized in all 3.

There is no TZUTC in this message.

../|ug

--- OpenXP 5.0.40
* Origin: /|ug's Point, Ont. CANADA (2:221/1.58)

'Tommi

---
* Origin: Point One, Colonia del Sacramento, Zone4 (2:221/0.1)

Hello Tommi!

** 13.11.19 - 15:40, Tommi Koivula wrote to August Abolins:

As far as I can tell TZUTC is well utilized in all 3.

There is no TZUTC in this message.

--- OpenXP 5.0.40

Like I said, "As far as I can tell.." Threading feature seemed to compensate, I guess.

2 out of 3 ain't bad. LOL

That sucks. :( I can't seem to spot it in config either.
Thanks for the heads-up.

Maybe the "boss" could add one? ;)




../|ug

--- OpenXP 5.0.40
* Origin: /|ug's Point, Ont. CANADA (2:221/1.58)

On 13/11/2019 15:06, August Abolins -> Tommi Koivula wrote:

Maybe the "boss" could add one? ;)

Boss? What boss?

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

Hi August.

As far as I can tell TZUTC is well utilized in all 3.

There is no TZUTC in this message.

--- OpenXP 5.0.40

Maybe the "boss" could add one? ;)

Sure, but the "boss" should know in which time zone you are when you post the message. ;D

'Tommi

--- TheBoss
* Origin: Point One, Colonia del Sacramento, Zone4 (2:221/0.1)

Hello David!

** 14.11.19 - 07:32, David Drummond wrote to August Abolins:

On 13/11/2019 15:06, August Abolins -> Tommi Koivula wrote:

Maybe the "boss" could add one? ;)

Boss? What boss?

TK is "the boss" node. LOL



../|ug

--- OpenXP 5.0.40
* Origin: /|ug's Point, Ont. CANADA (2:221/1.58)

On Wed, 13 Nov 2019 14:06:00 GMT
"August Abolins -> Tommi Koivula" <58@1.221.2> wrote:

There is no TZUTC in this message.

--- OpenXP 5.0.40

That sucks. :( I can't seem to spot it in config either.

I also didn't find anything in the sources.

Maybe the "boss" could add one? ;)

I would ask the OpenXP developers first. I think XP's internal message format supports time zones and there are configuration options for the time zone (I see it in the language files and the German documentation in the source code, but I don't have XP installed and don't know in which menu it can be configured). Adding a TZUTC kludge shouldn't be that hard.

---
* Origin: (2:280/464.47)

On 13/11/2019 6:28 p.m., Tommi Koivula : August Abolins wrote:

There is no TZUTC in this message.

--- OpenXP 5.0.40

Maybe the "boss" could add one?

Sure, but the "boss" should know in which time zone you are when
you post the message.;D

That could probably be announced and then automated via netmail with something like a TZUTCfix. It would be a very good solution to make TZUTC consistently utilized from your system.

--- TheBoss <== Right on!

* Origin: Point One, Colonia del Sacramento, Zone4 (2:221/0.1)

..AA

--- Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360)

On 14/11/2019 2:48 a.m., Oli : August Abolins wrote:

There is no TZUTC in this message.

--- OpenXP 5.0.40

That sucks. I can't seem to spot it in config either.

I also didn't find anything in the sources.

Yes.. the nice thing is that OpenXP is still being supported. At least two of my "bug" reports in the last year were dealt with.

Maybe the "boss" could add one?

I would ask the OpenXP developers first. I think XP's internal
message format supports time zones and there are configuration
options for the time zone (I see it in the language files..

I don't see a time-zone setting in the DOS version of OpenXP that I use.

But were it added, I would guess the option would fit nicely in Config/Options/Messages.. or Config/Options/Misc..

Adding a TZUTC kludge shouldn't be that hard.

But 'available time' to do it is the ruling factor. :(

I am beginning to appreciate the benefits of TZUTC more and more.

..AA

--- Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360)

Hi August.

14 Nov 19 18:14:26, you wrote to me:

Maybe the "boss" could add one?

Sure, but the "boss" should know in which time zone you are when
you post the message.;D

That could probably be announced and then automated via netmail with

something like a TZUTCfix. It would be a

very good solution to make TZUTC consistently utilized from your system.

In principle it is your job to alter your outbound .pkts, but of course it is possible to do at the boss end too.

Stay tuned. :)

'Tommi

---
* Origin: Point One, Colonia del Sacramento, Zone4 (2:221/0.1)

Hello Dale,

On Wednesday November 13 2019 01:12, you wrote to me:

MVDV>> Apart from the fact that omitting a REPLY kludge in a reply
MVDV>> when there is a MSGID, is in violation of FTS-0009, it is
MVDV>> bloody annoying.

Are you still spouting that fake news?

It is not fake news, it is the official interpretation from the FTSC.

When I was FTSC chairman, I ruled (as mandated by FTA-1000 and FTA-1001, hunt for the words "interpretation" and "advice") that FTS-0009 is to be interpretated in such a way that MSGID and REPLY are two parts of one and te same standard and when one implements part of the standard, one must implement all of it.

Until my successor rules otherwise, that is the POV of the FTSC.

I may add that this reflects current practise. TTBOMK all implemantations of FTS-0009 in use in Fidonet today, do both MSGID and REPLY.

[Apparently even the last of the renegades has given up resistance. ;-) ]


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: http://www.vlist.org (2:280/5555)

On 15 Nov 19 10:17:16, Michiel Van Der Vlist said the following to Dale Shipp:

[Apparently even the last of the renegades has given up resistance. ;-) ]

It wasn't so much giving up resistance; I had the time last night to study
the message-parser code for hours before I found a way to inject your stupid sky-is-falling kludge nonsense. Now you can enjoy my fuck-off message, in a threaded style.

Renegade and many others have enjoyed threaded reading that does not depend
on kludging. So have TBBS, Squish, Worldgroup/MajorBBS etc. Pretty sure Synchronet can do it without kludging. Threaded reading is a bunch of
bullshit anyway because any topic can be usurped by someone into a different topic yet the software doesn't know the difference. Its just a reading preference by a few... and your preference means I need to add a kludge.

What a useless kludge pair, this Msgid/Reply... Explain to me logically why this was promoted as a standard. What, someone cannot code a proper
dupe-check in their tosser? D'Bridge has rock solid detection since 1988 that does not use this kludge. So do many other tossers. What, we need an easy way to ID a message? Someone cannot do this from the Origin, Seen-by and Path?

The Msgid itself is flawed by design, yet everyone seemingly jumped on the bandwagon and this nonsense was promoted as standard.

*You* are the one who runs shit software and I'm fucking GLAD you're OUT of the FTSC. Your whining and complaining about a kludge pair thats flawed by design. Good riddance and I hope your Fido departure is not far behind. It
will be a day of big celebration when you and some others are finally GONE.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (1:229/426)

On Fri, 15 Nov 2019 07:36:56 -0500
"Nick Andre -> Michiel Van Der Vlist" <0@426.229.1> wrote:

*You* are the one who runs shit software and I'm fucking GLAD you're
OUT of the FTSC. Your whining and complaining about a kludge pair
thats flawed by design. Good riddance and I hope your Fido departure
is not far behind. It will be a day of big celebration when you and
some others are finally GONE.

Why don't you and your C buddies just fork-off and create another net were only
true old-school Fido veterans are allowed to participate. I heard that Zone 5 and 6 are available.

---
* Origin: (2:280/464.47)

Hello Oli!

15 Nov 19 14:36, you wrote to Nick Andre:

Why don't you and your C buddies just fork-off and create another net
were only true old-school Fido veterans are allowed to participate. I heard that Zone 5 and 6 are available.

Well, Zone 5 and Zone 6 were from fidonet and if them will be online one day they will be fidonet again, other nets starts from zone 10 or higher.

I'm one of the C buddies and I think that it's better that we stay there.
Maybe you can try get the opportunity to fork-off ;)

Ciao!
Fabio

--- GoldED+/LNX 1.1.5-b20180707
* Origin: ]\/[imac Rebirth Boss Point (2:335/364.1)

Hi Fabio!

"Fabio Bizzi -> Oli" <1@364.335.2> wrote:

Why don't you and your C buddies just fork-off and create
another net were only true old-school Fido veterans are allowed
to participate. I heard that Zone 5 and 6 are available.

Well, Zone 5 and Zone 6 were from fidonet

Really?! ;)

and if them will be online one day they will be fidonet again

You are truly an optimist.

other nets starts from zone 10 or higher.

Is there document where this is defined? If FTN were fully 5D this wouldn't be an issue, unfortunately it is only partially implemented.

I'm one of the C buddies and I think that it's better that we stay
there.

You are a good friend of the ZCs? It seems not every C is best friend with every other C.

Maybe you can try get the opportunity to fork-off ;)

I know, this is the _more_ realistic option. Rebuilding a decentralized (and democratic) Fidonet from the ground up.

---
* Origin: (2:280/464.47)

Hi Nick.

15 Nov 19 07:36:56, you wrote to Michiel Van Der Vlist:

Renegade and many others have enjoyed threaded reading that does not depend on kludging. So have TBBS, Squish, Worldgroup/MajorBBS etc. Pretty sure Synchronet can do it without kludging.

How does your bbs know that this message from outside your bbs is a reply to a message in your bbs?

There are no msgid or reply kludges in this message.

'Tommi

---
* Origin: rbb.fidonet.fi (2:221/1)

On 15/11/2019 23:36, Oli -> Nick Andre wrote:

*You* are the one who runs shit software and I'm fucking GLAD you're
OUT of the FTSC. Your whining and complaining about a kludge pair
thats flawed by design. Good riddance and I hope your Fido departure
is not far behind. It will be a day of big celebration when you and
some others are finally GONE.

Why don't you and your C buddies just fork-off and create another net
were only true old-school Fido veterans are allowed to participate. I
heard that Zone 5 and 6 are available.

Not even being a part of Fidonet, where do you get off making such suggestions.

As I've said before if you don't like the policies/procedures of Fidonet why are you even bothering to be here, why are you not in one of those utopian othernets?

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

On 16/11/2019 01:30, Oli -> Fabio Bizzi wrote:

I know, this is the _more_ realistic option. Rebuilding a decentralized (and democratic) Fidonet from the ground up.

Maybe you should start from scratch and create such a network and fuck off to it...

I'm not holding my breath though.

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

I know, this is the _more_ realistic option. Rebuilding a decentralized (and democratic) Fidonet from the ground up.

Maybe you should start from scratch and create such a network and fuck
off to t i...

I don't understand why Oli should fuck off.

Oli is just as welcome in Fidonet as you are, regardless of node number,
point or user staus.

Ttyl :-),
Al

--- MagickaBBS v0.13alpha (Linux/x86_64)
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

On 15 Nov 19 20:09:50, Tommi Koivula said the following to Nick Andre:

Renegade and many others have enjoyed threaded reading that does not depend on kludging. So have TBBS, Squish, Worldgroup/MajorBBS etc. Pretty sure Synchronet can do it without kludging.

How does your bbs know that this message from outside your bbs is a reply t message in your bbs?

It uses the Replies field in its database structure to keep track.

There are no msgid or reply kludges in this message.

Doesn't matter to me...

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (1:229/426)

On 15 Nov 19 16:30:42, Oli said the following to Fabio Bizzi:

I know, this is the _more_ realistic option. Rebuilding a decentralized (and democratic) Fidonet from the ground up.

What makes you think Fido is not democratic now? If I do not do my job I can be replaced. In fact I can be replaced at any time if some people decide on it. All I do is push out a nodelist. Stop thinking conspiracy theories when none exist. Maybe instead of politician-speak you can show me why I need
to fork-off exactly? Or are you having your fun like Lee & Bjorn?

You are more than welcome to join or start your Othernet. I have said many times that the quality of conversation in Othernets is far superior to
most convo in Fidonet. Even the non-stop Mystic banter in FsxNet is tolerable.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (1:229/426)

On 16/11/2019 10:07, Alan Ianson -> David Drummond wrote:

I know, this is the _more_ realistic option. Rebuilding a decentralized
(and democratic) Fidonet from the ground up.

Maybe you should start from scratch and create such a network and fuck
off to t i...

I don't understand why Oli should fuck off.

A response to his suggestion to other persons, nodelisted "members" of Fidonet at that.

Oli is just as welcome in Fidonet as you are, regardless of node number, point or user staus.

Points and users have no rights in Fidonet - outside the access their boss node
affords them to his/her system.

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

Hi! Nick,

On 15 Nov 19 19:24, you wrote to Tommi Koivula:

How does your bbs know that this message from outside your bbs is
a reply t message in your bbs?

It uses the Replies field in its database structure to keep track.

Fascinating. Does the BBS use 'multi-value' field definition types, allowing value markers to separate/access the values?

Cheers,
Paul.

... Hello ... Incontinence Hotline.' 'Can you hold, please?
--- GoldED+/LNX 1.1.5-b20130515
* Origin: Quinn's Rock - Live from Paul's Xubuntu desktop! (3:640/1384)

Hello Nick,

On Friday November 15 2019 07:36, you wrote to me:

@MSGID: 1:229/426 C529A966
@REPLY: 2:280/5555 5dce7155
@TZUTC: -0500

;-)

[Apparently even the last of the renegades has given up
resistance. ;-) ]

It wasn't so much giving up resistance; I had the time last night

Great. I know you are a busy man, so it is great you finally found the time. It
looks great. Welcome to the 21 century Fidonet.

*You* are the one who runs shit software and I'm fucking GLAD you're
OUT of the FTSC. Your whining and complaining about a kludge pair
thats flawed by design. Good riddance and I hope your Fido departure
is not far behind. It will be a day of big celebration when you and
some others are finally GONE.

Thanks for the compliment. I am sure your enthousiasm will be of great help in performing your task of attracting new members and make Fidonet grow again. (P4
3.6)

BTW, regarding "Encouraging new technologies in Fidonet software development" (FTA-1000, 1.2), how is your IPv6? Any progress?


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: http://www.vlist.org (2:280/5555)

On 16 Nov 19 10:06:49, Michiel Van Der Vlist said the following to Nick Andre:

Thanks for the compliment. I am sure your enthousiasm will be of great help performing your task of attracting new members and make Fidonet grow again. (P4 3.6)

I stand by my words. I do not regret anything I ever say or post, ever.

BTW, regarding "Encouraging new technologies in Fidonet software developmen (FTA-1000, 1.2), how is your IPv6? Any progress?

Nice try, but we have done the battle of the Witts about IPV6 before - I
will implement it at home if and when the need arises.

D'Bridge has already been capable of supporting IPV6 for a long time now. I added that support well before you had a chance to whine about it.

Anything else, or are we done?

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (1:229/426)

"David Drummond -> Alan Ianson" <0@305.640.3> wrote:

I don't understand why Oli should fuck off.

A response to his suggestion to other persons, nodelisted "members"
of Fidonet at that.

Which was a response to

Good riddance and I [=Z1] hope your [=RC28] Fido departure is not
far behind. It will be a day of big celebration when you and some
others are finally GONE.

Points and users have no rights in Fidonet

That's the spirit! ;)

---
* Origin: (2:280/464.47)

On 15 Nov 2019 at 07:34p, Nick Andre pondered and said...

many times that the quality of conversation in Othernets is far superior to most convo in Fidonet. Even the non-stop Mystic banter in FsxNet is tolerable.

I'm going to start another beer and bacon thread for you :)

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

many times that the quality of conversation in Othernets is far

superior

to most convo in Fidonet. Even the non-stop Mystic banter in FsxNet

is

tolerable.

I'm going to start another beer and bacon thread for you :)

Is there New Zealand beer? I mean, is it any of the Canadian horse piss I had 2
weeks ago? Or better?

\%/@rd

--- D'Bridge 3.99
* Origin: Do not meddle in the affairs of wizards (2:292/854)

On 16 Nov 2019 at 09:44p, Ward Dossche pondered and said...

Is there New Zealand beer? I mean, is it any of the Canadian horse piss
I had 2 weeks ago? Or better?

Not only beer but hot/cold water and pay TV :)

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 17/11/2019 07:23, Paul Hayton -> Ward Dossche wrote:

Is there New Zealand beer? I mean, is it any of the Canadian horse piss
I had 2 weeks ago? Or better?

Not only beer but hot/cold water and pay TV :)

You have cold water???

Even the water from my cold tap is hot :(

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

On 17 Nov 2019 at 08:33a, David Drummond pondered and said...

You have cold water???
Even the water from my cold tap is hot :(

Yeah the Chinese bottle it, send it over, and sell it in chillers in
Australia.

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

On 17/11/2019 11:58, Paul Hayton -> David Drummond wrote:

You have cold water???
Even the water from my cold tap is hot :(

Yeah the Chinese bottle it, send it over, and sell it in chillers in Australia.

Yeah - but they charge too much for me to use it to temper my daily shower. :)

--

Regards
David

--- Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
* Origin: Straylia Mate (3:640/305)

Hi Ward,

On Nov 16, 2019 09:44pm, Ward Dossche wrote to Paul Hayton:

Is there New Zealand beer? I mean, is it any of the Canadian horse piss
I had 2 weeks ago? Or better?

This is hard to say for an Aussie but I found the dairy products from NZ are probably the best in the world due to the pastures, climate etc.

Maybe it's the quality of the pasture and the water but NZ beers are pretty good.

In Cairns a city of 150 k we now have four boutigue brewries probably due to the volume of tourists here so it is difficult to not find a beer to suit your taste.

... Platinum Xpress & Wildcat!..... Nice!!!!
--- Platinum Xpress/Win/WINServer v7.0
* Origin: The File Bank BBS! https://tfb-bbs.org (3:640/1321) (3:640/1321)

Hello Oli!

15 Nov 19 16:30, you wrote to me:

Well, Zone 5 and Zone 6 were from fidonet

Really?! ;)

I'm pretty sure... :P

and if them will be online one day they will be fidonet again

You are truly an optimist.

Well' I'd like to be so. :)
Before my came back Region 39 was formed by only one node, now we're three and some others are applying for a node number, where there is the will there is the way. ;)

other nets starts from zone 10 or higher.

Is there document where this is defined? If FTN were fully 5D this wouldn't be an issue, unfortunately it is only partially implemented.

Anuway it's so, the othernets have zone numbers >= 10. :)

I'm one of the C buddies and I think that it's better that we
stay there.

You are a good friend of the ZCs? It seems not every C is best friend
with every other C.

I don't know who is the best friend of whom, I know that I have a great debt with the ZC2 and with RC56 for their help and I hope to be considered a friend for them, moreover I think that the first thing in the human relactions is the respect, a concept that is too frequently forget in this echo. :)

Maybe you can try get the opportunity to fork-off ;)

I know, this is the _more_ realistic option. Rebuilding a
decentralized (and democratic) Fidonet from the ground up.

I think that sometimes a fork is a good thing, some others not. ;)

P.S. We're slighly off topic here. ;)

Ciao!
Fabio

--- GoldED+/LNX 1.1.5-b20180707
* Origin: ]\/[imac Rebirth Boss Point (2:335/364.1)

"Michiel van der Vlist -> Terry Roati" <0@5555.280.2> wrote:

Can things be improved? Sure, but will they, highly unlikely?

MvdV> So... speaking about improving things, moving forward and encouraging
MvdV> the use of new technology... How is your IPv6?

I agree that we would be better off, if the Internet had already switched from IPv4 to IPv6. It's also important that Fido software do support IPv6 connections and is not limited to IPv4. I'm still curious why do you think it is important that every Fido node is reachable over IPv6? As long as systems are able to connect to each other what difference does it make? Having more or less Fido nodes with IPv6 does not influence IPv6 adaption, this is something that Internet providers need to solve.

If we want to encourage the use of new technology, why don't we have flags for TLS, Tor hidden services (.onion) or i2p connections? ;) My FTN node at home is
only reachable over Tor, because I'm behind a carrier grade NAT. Connections over Tor are automatically encrypted and it doesn't matter if you connect over an IPv6 or IPv4 relay.

I don't think we should discriminate against any transport mechanisms or strongly prefer one over the other. Whatever works.

---
* Origin: (2:280/464.47)

If we want to encourage the use of new technology, why don't we have
flags for TLS,

Someone needs to introduce the flag, define it, propose it ...

I don't think we should discriminate against any transport mechanisms or strongly prefer one over the other. Whatever works.

Correct.

\%/@rd

--- D'Bridge 3.99
* Origin: Do not meddle in the affairs of wizards (2:292/854)

On Sun, 17 Nov 2019 15:38:29 +0100
"Ward Dossche -> Oli" <0@854.292.2> wrote:

If we want to encourage the use of new technology, why don't we
have flags for TLS,

Someone needs to introduce the flag, define it, propose it ...

If someone is interested in testing TLS connections, I will. It would also need
some discussions about the details (dns srv records?, nodelist flags?, certificates, alpn?).

Connections to a Tor hidden service are straightforward with binkd. My fsxnet node already has a user flag with the onion address in the nodelist.

---
* Origin: (2:280/464.47)

Hi Oli,

On Nov 17, 2019 05:42pm, Oli wrote to Ward Dossche:

If someone is interested in testing TLS connections, I will. It would
also need some discussions about the details (dns srv records?, nodelist flags?, certificates, alpn?).

Connections to a Tor hidden service are straightforward with binkd. My fsxnet node already has a user flag with the onion address in the
nodelist.

Pvt,151,Types_of_Squash_BBS,Thueringen_GER,Oliver_Thuns,- Unpublished-,300,U,ON2:boqbccnwyumttwvh

Your the only one flying the flag ON2 in FSXNET, now if only you could get a few more sysops interested in ON2 and then document it. I hope you succeed
with this, I am sure there would be uses for it. One thinks of HK as a for instance.

... Platinum Xpress & Wildcat!..... Nice!!!!
--- Platinum Xpress/Win/WINServer v7.0
* Origin: The File Bank BBS! https://tfb-bbs.org (3:640/1321) (3:640/1321)

Hello Terry,

Pvt,151,Types_of_Squash_BBS,Thueringen_GER,Oliver_Thuns,- Unpublished-,300,U,ON2:boqbccnwyumttwvh

Your the only one flying the flag ON2 in FSXNET, now if only you could
get a few more sysops interested in ON2 and then document it. I hope
you succeed with this, I am sure there would be uses for it. One
thinks of HK as a for instance.

I don't have tor or an ON2 address, but I think it would be interesting to get binkp over TLS/SSL.

I'm not sure how to go about that though, or if it's possible with current implementations.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hi Alan,

On Nov 17, 2019 05:35pm, Alan Ianson wrote to Terry Roati:

I don't have tor or an ON2 address, but I think it would be interesting
to get binkp over TLS/SSL.

I'm not sure how to go about that though, or if it's possible with
current implementations.

Ask Oli, I am sure he is interested to help you as he wants to test it.



... Platinum Xpress & Wildcat!..... Nice!!!!
--- Platinum Xpress/Win/WINServer v7.0
* Origin: The File Bank BBS! https://tfb-bbs.org (3:640/1321) (3:640/1321)

Hi Al,

"Alan Ianson -> Terry Roati" <0@757.153.1> wrote:

I don't have tor or an ON2 address, but I think it would be
interesting to get binkp over TLS/SSL.

I'm not sure how to go about that though, or if it's possible with
current implementations.

Even binkd has no built-in support for TLS it is possible in both directions. We already talked about it in FSX_CRY :).

For incoming connections you need to run a TLS proxy like stunnel or nginx. This should work for any binkp mailer.

For outgoing connections you can use ncat in the binkd nodelist / node configuration:
node 5:6/7 -pipe "ncat --ssl-alpn binkp *H *I" example.com:24553

Native TLS support in binkd could have some advantages, but you can already add
most of the functionality with -pipe, -proxy, perl and nodelist scripts.

Tor is easier to setup than TLS and has some nice features than you don't get with TLS.

If you want to test it (TLS or Tor) we can discuss it in FSX_CRY and/or BINKD. Just start a thread there, I read both areas.

---
* Origin: (2:280/464.47)

I don't have tor or an ON2 address, but I think it would be
interesting to get binkp over TLS/SSL.

I'm not sure how to go about that though, or if it's possible with
current implementations.

Even binkd has no built-in support for TLS it is possible in both directions. We already talked about it in FSX_CRY :).

Yes, I remember but you mentioned tor and proxy. I don't know these
things. Maybe I can put them together, I'm not sure.

I wonder generaly if binkp over SSL/TLS would be good thing or if the
current way binkp works is good enough. Binkd and BinkIT (and possibly
others) support the CRYPT option. Is that enough?

For incoming connections you need to run a TLS proxy like stunnel or nginx. This should work for any binkp mailer.

If you'd like to test this out I'd be willing. I don't know what you mean
by TLS proxy so I'd need to be educated about these things before any meaningful tests could be done.. :)

If you want to test it (TLS or Tor) we can discuss it in FSX_CRY and/or BINKD. Just start a thread there, I read both areas.

I don't mind testing either, but as I say I don't know either so you
would need to bring me up to speed.

I'd be most interested in something that can be used with the binkp
protocol (if that's desirable) in all it's various uses with binkd,
BinkIT and other mailers that would/could use it.

I'll catch you somewhere..

Ttyl :-),
Al

--- MagickaBBS v0.13alpha (Linux/x86_64)
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

"Alan Ianson -> Oli" <0@757.153.1> wrote:

I wonder generaly if binkp over SSL/TLS would be good thing or if the current way binkp works is good enough. Binkd and BinkIT (and possibly others) support the CRYPT option. Is that enough?

That depends on your requirements. If you take encryption seriously, you need something better than CRYPT. TLS encrypts the full session from start to end. With CRYPT only the file transfers are encrypted, the system info is still transmitted in cleartext. I believe CRYPT only works, if both nodes have a session password configured. I need to check that ...

If you want to test it (TLS or Tor) we can discuss it in
FSX_CRY and/or BINKD. Just start a thread there, I read both
areas.

I don't mind testing either, but as I say I don't know either so you
would need to bring me up to speed.

No problem :)

---
* Origin: (2:280/464.47)

On 18 Nov 2019 at 02:09p, Alan Ianson pondered and said...

I don't have tor or an ON2 address, but I think it would be interesting to get binkp over TLS/SSL.

Even binkd has no built-in support for TLS it is possible in both directions. We already talked about it in FSX_CRY :).

Yes, I remember but you mentioned tor and proxy. I don't know these things. Maybe I can put them together, I'm not sure.

I wonder generaly if binkp over SSL/TLS would be good thing or if the current way binkp works is good enough. Binkd and BinkIT (and possibly others) support the CRYPT option. Is that enough?

If you'd like to test this out I'd be willing. I don't know what you mean by TLS proxy so I'd need to be educated about these things before any meaningful tests could be done.. :)

I don't mind testing either, but as I say I don't know either so you
would need to bring me up to speed.

I'd be most interested in something that can be used with the binkp protocol (if that's desirable) in all it's various uses with binkd,
BinkIT and other mailers that would/could use it.

I am the same, although I have not found time to do so -yet. Will forward this over to FSX_CRY and work with you both on this. Be good to add that flag to
a few more nodes in the nodelist.

Best, Paul

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (3:770/100)

Hi Nick.

15 Nov 19 19:24:56, you wrote to me:

On 15 Nov 19 20:09:50, Tommi Koivula said the following to Nick Andre:

Renegade and many others have enjoyed threaded reading that does not depend
on kludging. So have TBBS, Squish, Worldgroup/MajorBBS etc. Pretty sure
Synchronet can do it without kludging.

How does your bbs know that this message from outside your bbs is a reply

t

message in your bbs?

It uses the Replies field in its database structure to keep track.

It must have some supernatural powers to set the Replies field when the reply message comes from outside.

'Tommi

---
* Origin: IPv6 Point at [2001:470:1f15:cb0:2:221:1:1] (2:221/1.1)

On 11-25-19 10:10, Michiel Van Der Vlist <=-
spoke to Terry Roati about IC and 3 symbols in msg <=-

MVDV> If you say so. But if there are indeed a "lot" of sysops running a BBS
MVDV> with users, there must be an even greater "lot" of users. Where
MVDV> are they? I don't carry all the echos, but I don't see a
MVDV> "lot" of users.

Perhaps that is because your main focus is in the echos that have a
technical and/or sysop point of view. That's ok, but there are echos
which have users who are not sysops. Those echos tend to be ones
not orientated to sysop type of interest.

MVDV> In the last couple of years, I have only
MVDV> seen two. Tim Richardson and Lee Lofaso. Only the first
MVDV> writes via a "real" BBS, the latter writes via the system
MVDV> of a sysop that grants access via JamNNTP. For the sake of
MVDV> argument I will count that too as a "BBS".

As you should. It is a BBS with a different method of access.

Dale Shipp
fido_261_1466 (at) verizon (dot) net
(1:261/1466)


... Shipwrecked on Hesperus in Columbia, Maryland. 02:06:32, 26 Nov 2019
___ Blue Wave/DOS v2.30

--- Maximus/NT 3.01
* Origin: Owl's Anchor (1:261/1466)

Hello Dale,

On Tuesday November 26 2019 02:01, you wrote to me:

running a BBS with users, there must be an even greater "lot" of
users. Where are they? I don't carry all the echos, but I don't see a "lot" of users.

Perhaps that is because your main focus is in the echos that have a technical and/or sysop point of view. That's ok, but there are echos which have users who are not sysops. Those echos tend to be ones
not orientated to sysop type of interest.

So you say. But you also claim to run a BBS which has users, but refuse to give
me the infomation needed to verify that myself. So...

MVDV>> of a sysop that grants access via JamNNTP. For the sake of
MVDV>> argument I will count that too as a "BBS".

As you should. It is a BBS with a different method of access.

In that case I also run a BBS. From P4:

A coordinator is encouraged to operate a public bulletin board system which
is freely available for the purpose of distributing Policy, FidoNews, and Nodelists to potential new sysops.

See my origin. You can read "bulletins" and obtain copies of Policy, Fidonews and nodelists...


Cheers, Michiel

--- GoldED+/W32-MSVC 1.1.5-b20170303
* Origin: http://www.vlist.org (2:280/5555)

MVDV>> of a sysop that grants access via JamNNTP. For the sake of
MVDV>> argument I will count that too as a "BBS".

As you should. It is a BBS with a different method of access.

From one of the last, true BBS sysops that you are, I really love to hear those words from a colleague BBS sysop. :)


..

--- Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv:1.9.1.16) Gecko/20101125
* Origin: news://eljaco.se (2:203/2)

In a post between "Tony Langdon : Michiel van der Vlist", on 11/25/2019 1:43 AM

Metered local calls is what killed the BBS here. (I wrote a
Fidonews article about that, but that was a long time
ago..)

Worth a read if it can be tracked down. :)

Too bad there isn't a searchable database of the fidonews articles.

[1] A work-around to that might be to fetch an nntp feed of FNEWS_PUBLISH, (my current feed only goes as far back as 2018), configure your nntp reader to download the messages for local usage, and then use the built-in search features of the reader to search by subject or content as necessary.

[2] Another way to hunt for an article would be here:

http://www.fidonet.itu.se/echomail/

It archives the FIDONEWS posts as far back as 2004. It does not feature a S)earch option, but you can L)ist the messages by Subject, and identify the headings that represent articles using Ctrl-F in your browser.

--- Thunderbird 2.0.0.24 (Windows/20100228)
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360)

On 11-26-19 15:45, Michiel Van Der Vlist <=-
spoke to Dale Shipp about Users <=-

Perhaps that is because your main focus is in the echos that have a technical and/or sysop point of view. That's ok, but there are echos which have users who are not sysops. Those echos tend to be ones
not orientated to sysop type of interest.

MVDV> So you say. But you also claim to run a BBS which has
MVDV> users, but refuse to give me the infomation needed to
MVDV> verify that myself. So...

You or anyone else can become a user on my BBS. All it takes is an
email to me telling me the email address you want to use for it and what
echos you wish to subscribe to.

Dale Shipp
fido_261_1466 (at) verizon (dot) net
(1:261/1466)


... Shipwrecked on Hesperus in Columbia, Maryland. 01:03:43, 27 Nov 2019
___ Blue Wave/DOS v2.30

--- Maximus/NT 3.01
* Origin: Owl's Anchor (1:261/1466)

On 11-27-19 05:17, August Abolins wrote to Tony Langdon <=-

[1] A work-around to that might be to fetch an nntp feed of
FNEWS_PUBLISH, (my current feed only goes as far back as 2018),
configure your nntp reader to download the messages for local usage,
and then use the built-in search features of the reader to search by subject or content as necessary.

Well, if there's a BBS that has it further back, I could take a feed then point a newsreader at my own NNTP server. ;)

[2] Another way to hunt for an article would be here:

http://www.fidonet.itu.se/echomail/

It archives the FIDONEWS posts as far back as 2004. It does not feature
a S)earch option, but you can L)ist the messages by Subject, and
identify the headings that represent articles using Ctrl-F in your browser.

Hmm, OK. :)


... "Mount your horses, men!!" "We're not that lonely, sir!!"
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)

Hello, August!

27 November 2019, August Abolins wrote to Tony Langdon:

[2] Another way to hunt for an article would be here:
http://www.fidonet.itu.se/echomail/

Who is currently supporting this site?

Sincerely yours, Vladimir Fyodorov, esquire.

... Necessity is the mother of invention
--- GoldED+/OSX 1.1.5-b20180707
* Origin: Esquire Station (2:50/15.1)

Hello Tony

On Nov 27, 2019 07:06pm, Tony Langdon wrote to August Abolins:

Well, if there's a BBS that has it further back, I could take a feed
then point a newsreader at my own NNTP server. ;)

I have Fidonews from 1985 to present, I did a search for ipv6 and got 220
hits, need to refine the search.

Your more than welcome to login and download what you want.

... Platinum Xpress & Wildcat!..... Nice!!!!
--- Platinum Xpress/Win/WINServer v7.0
* Origin: The File Bank BBS! https://tfb-bbs.org (3:640/1321) (3:640/1321)

Hello Bj”rn,

MVDV>>> of a sysop that grants access via JamNNTP. For the sake of
MVDV>>> argument I will count that too as a "BBS".

As you should. It is a BBS with a different method of access.

From one of the last, true BBS sysops that you are, I really love to hear those words from a colleague BBS sysop. :)

Well said!

--Lee

--
Every Bottom Needs A Top

--- MesNews/1.08.05.00-gb
* Origin: news://eljaco.se (2:203/2)

Vladimir,

[2] Another way to hunt for an article would be here:
http://www.fidonet.itu.se/echomail/

Who is currently supporting this site?

My guess would be 'nobody'... very outdated it seems ... 15 years?

\%/@rd

--- D'Bridge 3.99
* Origin: Do not meddle in the affairs of wizards (2:292/854)

On 27/11/2019 8:54 a.m., Ward Dossche : Vladimir Fyodorov wrote:

Vladimir,

[2] Another way to hunt for an article would be here:
     http://www.fidonet.itu.se/echomail/

Who is currently supporting this site?

My guess would be 'nobody'... very outdated it seems ... 15 years?

It is Michael Cronsten at 2:203/412. The site seems to be on auto-pilot.

Re: "outdated, 15 years..", the site presents archive/outdated material quite fine, if that is what we're after. :)

Only a handful of echos list recent content in non-registered user mode. Greater access is offered as a registered user.

--- Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
* Origin: nntp://rbb.fidonet.fi - Lake Ylo - Finland (2:221/360)

On 11-27-19 20:11, Terry Roati wrote to Tony Langdon <=-

Hello Tony

On Nov 27, 2019 07:06pm, Tony Langdon wrote to August Abolins:

Well, if there's a BBS that has it further back, I could take a feed
then point a newsreader at my own NNTP server. ;)

I have Fidonews from 1985 to present, I did a search for ipv6 and got
220 hits, need to refine the search.

Your more than welcome to login and download what you want.

Thanks, will have to take a look. :)


... I.R.S.: We've got what it takes to take what you've got!
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)

Hello, August!

27 November 2019, August Abolins wrote to Ward Dossche:

[2] Another way to hunt for an article would be here:
     http://www.fidonet.itu.se/echomail/

Who is currently supporting this site?

My guess would be 'nobody'... very outdated it seems ... 15 years?

It is Michael Cronsten at 2:203/412. The site seems to be on auto-pilot.

Thanks for the info.

Sincerely yours, Vladimir Fyodorov, esquire.

... Necessity is the mother of invention
--- GoldED+/OSX 1.1.5-b20180707
* Origin: Esquire Station (2:50/15.1)

Re: RE: Iand alternaernative transports
By: Alan Ianson to Oli on Mon Nov 18 2019 02:09 pm

by TLS proxy so I'd need to be educated about these things before any meaningful tests could be done.. :)

If you want to test it (TLS or Tor) we can discuss it in FSX_CRY and/or BINKD. Just start a thread there, I read both areas.

I don't mind testing either, but as I say I don't know either so you
would need to bring me up to speed.

I'd be most interested in something that can be used with the binkp
protocol (if that's desirable) in all it's various uses with binkd,
BinkIT and other mailers that would/could use it.

Having Synchronet/BinkIT listen/accept BINKP/TLS connections is a piece of cake. Simply add the following to your ctrl/services.ini file:

[BINKPS]
Enabled=true
Port=24555
Command=binkit.js
LogLevel=debug
Options=TLS

Now, having BinkIT support *outbound* BINKP/TLS connections will require some (not a ton of) work (in JS); something I'll have to look into. But if anyone wants to experiment, both vert.synchro.net and cvs.synchro.net are answering BINKP/TLS connections on TCP port 24555 right now.

Also, I picked that TCP port number (24555) without a lot of debate, so consider that a temporarly "assignment" until such time as BINKP over TLS is more of a standard and an "official" port number is assigned.

digital man

Synchronet "Real Fact" #3:
Synchronet version 2 was written in C and 8086 assembly programming languages. Norco, CA WX: 63.4øF, 61.0% humidity, 8 mph ENE wind, 0.00 inches rain/24hrs --- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Hello Rob,

Having Synchronet/BinkIT listen/accept BINKP/TLS connections is a
piece of cake. Simply add the following to your ctrl/services.ini
file:

[BINKPS]
Enabled=true
Port=24555
Command=binkit.js
LogLevel=debug
Options=TLS

I have that setup now and binkit.js is listening also on port 24555 with the TLS option.

A couple questions about sessions over TLS. Are session passwords required, and
is there anything else I need like a cert of some kind?

Now, having BinkIT support *outbound* BINKP/TLS connections will
require some (not a ton of) work (in JS); something I'll have to look into. But if anyone wants to experiment, both vert.synchro.net and cvs.synchro.net are answering BINKP/TLS connections on TCP port 24555 right now.

When that is ready I'll gladly test it out.

Also, I picked that TCP port number (24555) without a lot of debate,
so consider that a temporarly "assignment" until such time as BINKP
over TLS is more of a standard and an "official" port number is
assigned.

That should work fine I think.

I have Equinox BBS listening with standard binkp on port 24554 and secure binkps on port 24554.

Equinox BBS
1:153/757.2
equinoxbbs.ddns.net

If anyone would like to try that feel free. Reports of success or failure are welcome.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Rob,

I have Equinox BBS listening with standard binkp on port 24554 and
secure binkps on port 24554.

Wrong! Secure binkps is on port 24555.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: Re: Iand alternaernative transports
By: Rob Swindell to Alan Ianson on Mon Dec 09 2019 03:49 pm

Now, having BinkIT support *outbound* BINKP/TLS connections will require some (not a ton of) work (in JS); something I'll have to look into. But if anyone wants to experiment, both vert.synchro.net and cvs.synchro.net are answering BINKP/TLS connections on TCP port 24555 right now.

I'll set mine up to TLS port 24555 also, so that you'll have something to test against if you want it?
...ëîåã

... When you dial a wrong number, you NEVER get a busy signal.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (3:633/509)

Hello Rob!

09 Dec 19 15:49, you wrote to Alan Ianson:

Also, I picked that TCP port number (24555) without a lot of debate,
so consider that a temporarly "assignment" until such time as BINKP
over TLS is more of a standard and an "official" port number is
assigned.

Port 24555 is often used by sysops running more than one BinkP server behind a single public IPv4 address. For temporary/testing purposes it shouldn't be an issue.

Andrew

--- GoldED+/LNX 1.1.5-b20180707
* Origin: Phoenix BBS * phoenix.bnbbbs.net (1:320/219)

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Mon Dec 09 2019 04:42 pm

Hello Rob,

Having Synchronet/BinkIT listen/accept BINKP/TLS connections is a
piece of cake. Simply add the following to your ctrl/services.ini
file:

[BINKPS]
Enabled=true
Port=24555
Command=binkit.js
LogLevel=debug
Options=TLS

I have that setup now and binkit.js is listening also on port 24555 with the TLS option.

A couple questions about sessions over TLS. Are session passwords required, and is there anything else I need like a cert of some kind?

A session password would be required for "secure" sessions, the same as when not using TLS. And you should already have a cert file: ctrl/ssl.cert. It's a self-signed certificate by default, or you can get one from LetsEncrypt using the Synchronet letSyncrypt module.


digital man

Synchronet/BBS Terminology Definition #53:
PETSCII = PET Standard Code of Information Interchange (a.k.a. CBM ASCII) Norco, CA WX: 63.4øF, 52.0% humidity, 3 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Mon Dec 09 2019 04:42 pm

Now, having BinkIT support *outbound* BINKP/TLS connections will require some (not a ton of) work (in JS); something I'll have to look into. But if anyone wants to experiment, both vert.synchro.net and cvs.synchro.net are answering BINKP/TLS connections on TCP port 24555 right now.

When that is ready I'll gladly test it out.

Okay, I commited experimental changes to CVS (exec/binkit.js and load/fidocfg.js and load/binkp.js) to enable support for outbound TLS connections. Just add BinkpTLS=true to a [node:*] section in your sbbsecho.ini file to try it out. You sould see a log entry "Negotiating TLS" when connecting
to such a node.

digital man

This Is Spinal Tap quote #32:
Derek Smalls: [A jog?] We don't have time for that.
Norco, CA WX: 63.3øF, 56.0% humidity, 0 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Mon Dec 09 2019 04:42 pm

I have Equinox BBS listening with standard binkp on port 24554 and secure binkps on port 24554.

Equinox BBS
1:153/757.2
equinoxbbs.ddns.net

Just sent a netmail over binkp/tls. Seemed to work fine.

digital man

Synchronet "Real Fact" #53:
Synchronet Blackjack was the first multi-node/multi-user game for Synchronet. Norco, CA WX: 63.9øF, 48.0% humidity, 0 mph SE wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Hello Rob,

Just sent a netmail over binkp/tls. Seemed to work fine.

Success.. :)

I did get it and read it on the BBS.

At that point I updated my exec dir and made changes to send over TLS.

I also replied to the message on Equinox BBS but I can't seem to get it to 153/757.

Without BinkpTLS=true in the node section for 153/757 binkit doesn't send to 153/757, and with it set to true it attempts to send it but fails because of a bad password. 153/757 is running binkd and doesn't have TLS support.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: Ialternaernaernative transports
By: Rob Swindell to Alan Ianson on Wed Dec 11 2019 12:31 pm

Just sent a netmail over binkp/tls. Seemed to work fine.

I did receive it.. :)

I'll get to work on the additions I need to make and send a reply back shortly.

Here's the log..

Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS connection accepted from: 71. 95.196.36 port 32998
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS JavaScript service thread sta rted
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS BinkIT/2.27 invoked with opti ons:
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS JSBinkP/1.121 inbound connect ion from 71.95.196.36:32998
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: O PT CRAM-MD5-e812db2e64576442f2101b66fe65e41c CRYPT
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: SYS V ertrauen
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: S YS Equinox BBS
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: Z YZ Alan Ianson
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: L OC Penticton, BC Canada
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: N DL 115200,TCP,BINKP
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: T IME Wed Dec 11 2019 12:28:37 GMT-0800 (PST)
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_NUL command args: V ER BinkIT/2.27,JSBinkP/1.121,sbbs3.17c/Linux binkp/1.1
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_NUL command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_ADR command args: 1 :153/757.2@fidonet 21:4/106.1@fsxnet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_ADR command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: ZYZ R ob Swindell
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: LOC R iverside County, California
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: NDL 1 15200,TCP,BINKP
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: TIME Wed Dec 11 2019 12:28:37 GMT-0800 (PST)
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_NUL command args: VER B inkIT/2.28,JSBinkP/1.122,sbbs3.17c/Linux binkp/1.1
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Peer version: BinkIT/2.28,JSB inkP/1.122,sbbs3.17c/Linux binkp/1.1
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_ADR command args: 1:103 /705@fidonet 21:1/183@fsxnet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_PWD command args: CRAM- MD5-95052d5eb48f1cec353aeb4c18950df2
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Remote addresses: 1:103/705@f idonet 21:1/183@fsxnet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Unconfigured address 1:103/70 5@fidonet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Unconfigured address 21:1/183 @fsxnet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Adding outbound files for 1:1 03/705@fidonet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Adding outbound files for 21: 1/183@fsxnet
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_OK command args: no n-secure
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_OK command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_EOB command args: Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_EOB command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_FILE command args: vqi3 nwl1.pkt 679 1576096101 0
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Receiving file: /sbbs/temp/vq i3nwl1.pkt (0.7KB)
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got data frame length 679 Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Received file: /sbbs/temp/vqi 3nwl1.pkt (0.7KB)
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Non-secure session type: 'non -secure'
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Moving '/sbbs/temp/vqi3nwl1.p kt' to '/sbbs/fido/inbound/insecure/vqi3nwl1.pkt'.
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_GOT command args: v qi3nwl1.pkt 679 1576096101
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_GOT command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_EOB command args:
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sending M_EOB command args: Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Sent M_EOB command
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Got M_EOB command args:
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS Touching semaphore file: /sbb s/data/fidoin.now
Dec 11 12:28:37 trmb synchronet: srvc 0061 BINKPS service thread terminated (0 clients remain, 0 total, 3 served)
Dec 11 12:28:38 trmb synchronet: evnt Semaphore signaled for Timed Event: FIDOI N
Dec 11 12:28:38 trmb synchronet: evnt Running native timed event: FIDOIN
Dec 11 12:28:38 trmb synchronet: evnt FIDOIN Executing external: /sbbs/exec/sbb secho -ce
Dec 11 12:28:39 trmb synchronet: evnt Timed event: FIDOIN returned 0

Alan Ianson

Ttyl :-),
Al

... Scotty, beam me to the Bahamas.
--- SBBSecho 3.10-Linux
* Origin: Equinox BBS - Penticton, BC Canada (1:153/757.2)

Hello Rob,

Just sent a netmail over binkp/tls. Seemed to work fine.

I did receive it and replied. Both over TLS if I'm not mistaken. :)

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Wed Dec 11 2019 02:32 pm

Hello Rob,

Just sent a netmail over binkp/tls. Seemed to work fine.

I did receive it and replied. Both over TLS if I'm not mistaken. :)

Cool. That might be a FidoNet-first! :-)

digital man

This Is Spinal Tap quote #36:
Bobbi Flekman: Money talks, and bullshit walks.
Norco, CA WX: 52.9øF, 73.0% humidity, 0 mph WSW wind, 0.00 inches rain/24hrs --- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

On Wed, 11 Dec 2019 14:02:32 -0800
"Alan Ianson -> Rob Swindell" <0@757.153.1> wrote:

Without BinkpTLS=true in the node section for 153/757 binkit doesn't
send to 153/757, and with it set to true it attempts to send it but
fails because of a bad password. 153/757 is running binkd and doesn't
have TLS support.

Use a proxy ;)

---
* Origin: (2:280/464.47)

On Wed, 11 Dec 2019 23:46:41 -0800
"Rob Swindell -> Alan Ianson" <0@705.103.1> wrote:

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Wed Dec 11 2019 02:32 pm

Hello Rob,

Just sent a netmail over binkp/tls. Seemed to work fine.

I did receive it and replied. Both over TLS if I'm not
mistaken. :)

Cool. That might be a FidoNet-first! :-)

my binkd listens to TLS at binkps-test.uk.to:443 - 2:280/464.47

---
* Origin: (2:280/464.47)

Re: Ialternaernaernative transports
By: Oli to Rob Swindell on Thu Dec 12 2019 10:05 am

my binkd listens to TLS at binkps-test.uk.to:443 - 2:280/464.47

Do you have a special version of binkd? Where did you get it, I wouldnt mind playing with it too. (I just got SBBS working with binkps.)
...deon


... Advertising is legalized lying.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (3:633/509)

Hi Oli.

12 Dec 19 10:05, you wrote to Rob Swindell:

Just sent a netmail over binkp/tls. Seemed to work fine.

I did receive it and replied. Both over TLS if I'm not

Cool. That might be a FidoNet-first! :-)

my binkd listens to TLS at binkps-test.uk.to:443 - 2:280/464.47

Stunnel?

My nntps server here runs that way, so it should be possible to run binkps also.

'Tommi

--- GoldED+/LNX 1.1.5-b20180707
* Origin: nntps://news.fidonet.fi (2:221/6)

On 12.12.2019 7:00, Oli - Alan Ianson wrote:

On Wed, 11 Dec 2019 14:02:32 -0800
"Alan Ianson -> Rob Swindell" <0@757.153.1> wrote:

 AI>> Without BinkpTLS=true in the node section for 153/757 binkit doesn't
 AI>> send to 153/757, and with it set to true it attempts to send it but
 AI>> fails because of a bad password. 153/757 is running binkd and doesn't
 AI>> have TLS support.

Use a proxy ;)

Maybe someone wants to try 2:221/6:

binkps://news.fidonet.fi:24567

:o)

---
* Origin: smapinntp://rpi.rbb.bbs.fi (2:221/0)

On Thu, 12 Dec 2019 21:29:29 +1100
"Deon George -> Oli" <0@509.633.3> wrote:

Re: Ialternaernaernative transports
By: Oli to Rob Swindell on Thu Dec 12 2019 10:05 am

my binkd listens to TLS at binkps-test.uk.to:443 -
2:280/464.47

Do you have a special version of binkd? Where did you get it, I
wouldnt mind playing with it too. (I just got SBBS working with
binkps.) ..deon

no special server, just haproxy in front of binkd. from haprocy.conf:

listen binkps
bind :::443 ssl crt ssl-cert-snakeoil.pem
server binkd-ssl 172.22.0.10:24554

works with nginx and stunnel too.

---
* Origin: (2:280/464.47)

On Thu, 12 Dec 2019 14:39:50 +0200
"Tommi Koivula -> Oli" <0@0.221.2> wrote:

On 12.12.2019 7:00, Oli - Alan Ianson wrote:

On Wed, 11 Dec 2019 14:02:32 -0800
"Alan Ianson -> Rob Swindell" <0@757.153.1> wrote:

 AI>>> Without BinkpTLS=true in the node section for 153/757 binkit

doesn't AI>> send to 153/757, and with it set to true it attempts to
send it but AI>> fails because of a bad password. 153/757 is running
binkd and doesn't AI>> have TLS support.

Use a proxy ;)

Maybe someone wants to try 2:221/6:

binkps://news.fidonet.fi:24567

binkd to binkd TLS connection:

+ 18:48 [3125] call to 2:221/6@fidonet
+ 18:48 [3125] External command 'openssl s_client -quiet -alpn binkp -connect news.fidonet.fi:24567' started, pid 3126
18:48 [3125] connected
+ 18:48 [3125] outgoing session with news.fidonet.fi:24567
- 18:48 [3125] hiding aka 21:1/151@fsxnet
depth=0 CN = news.fidonet.fi
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = news.fidonet.fi
verify error:num=21:unable to verify the first certificate
verify return:1
- 18:48 [3125] OPT CRAM-MD5-dc11375d463af74c0a675700479f2eee
+ 18:48 [3125] Remote requests MD mode
- 18:48 [3125] SYS mail.fidonet.fi
- 18:48 [3125] ZYZ Tommi Koivula
- 18:48 [3125] LOC EU
- 18:48 [3125] NDL IBN,CM,MO,NNTP,IPv6
- 18:48 [3125] TIME Thu, 12 Dec 2019 19:48:35 +0200
- 18:48 [3125] VER binkd/1.1a-99/Linux binkp/1.1
+ 18:48 [3125] addr: 2:221/6@fidonet
- 18:48 [3125] TRF 0 0
+ 18:48 [3125] Remote has 0b of mail and 0b of files for us
- 18:48 [3125] OPT EXTCMD GZ BZ2
+ 18:48 [3125] Remote supports EXTCMD mode
+ 18:48 [3125] Remote supports GZ mode
+ 18:48 [3125] Remote supports BZ2 mode
+ 18:48 [3125] done (to 2:221/6@fidonet, OK, S/R: 0/0 (0/0 bytes))
18:48 [3125] session closed, quitting...
18:48 [3125] rc(3126)=0
18:48 [3122] rc(3125)=0
18:48 [3122] the queue is empty, quitting...

---
* Origin: (2:280/464.47)

Hello Rob,

I did receive it and replied. Both over TLS if I'm not mistaken. :)

Cool. That might be a FidoNet-first! :-)

Yep.. I have tested with a few nodes at this point and all seems to work well. It's simple, easy and painless to do with Synchronet/BinkIT.

Thanks for your work on that.. :)

I'm about to try linking up my Synchronet with it's boss node running binkd. I haven't done that yet but I see others have so I'll see if I can follow their examples.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: Ialternaernaernative transports
By: Alan Ianson to Rob Swindell on Fri Dec 13 2019 03:45 pm

Hello Rob,

I did receive it and replied. Both over TLS if I'm not mistaken. :)

Cool. That might be a FidoNet-first! :-)

Yep.. I have tested with a few nodes at this point and all seems to work well. It's simple, easy and painless to do with Synchronet/BinkIT.

Thanks for your work on that.. :)

No problem. Credit to Stephen Hurd for making the TLS support for Synchronet services and JS modules so easy.

I also just committed recently a patch to retain the BinkpTLS port value when using echocfg to edit the sbbsecho.ini file.

I'm about to try linking up my Synchronet with it's boss node running binkd. I haven't done that yet but I see others have so I'll see if I can follow their examples.

Cool. Next steps are probably to define (or get IANA to assign) an "official" binkps TCP port number. And then maybe a nodelist flag should be defined so nodes supporting binkps (instead-of or in-addition-to binkp) can be automatically identified.

digital man

Synchronet/BBS Terminology Definition #69:
SSL = Secure Sockets Layer (precursor to TLS)
Norco, CA WX: 61.2øF, 76.0% humidity, 5 mph ESE wind, 0.00 inches rain/24hrs --- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

On Fri, 13 Dec 2019 17:59:30 -0800
"Rob Swindell -> Alan Ianson" <0@705.103.1> wrote:

I'm about to try linking up my Synchronet with it's boss node
running binkd. I haven't done that yet but I see others have so
I'll see if I can follow their examples.

Cool. Next steps are probably to define (or get IANA to assign) an "official" binkps TCP port number. And then maybe a nodelist flag
should be defined so nodes supporting binkps (instead-of or
in-addition-to binkp) can be automatically identified.

There is much more to do for the standardization. An IANA number is the least important.

Do we really need an official port number? Or is it better to rely on other ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)
- Nodelist flag (INBS ?)
- should we allow self-signed certificates? (yes)
- which TLS version are allowed? (>= TLS v1.3)
- should the client use alpn?

---
* Origin: REPLY (2:280/464.47)

Re: Ialternaernaernative transports
By: Oli to Rob Swindell on Sat Dec 14 2019 08:29 am

On Fri, 13 Dec 2019 17:59:30 -0800
"Rob Swindell -> Alan Ianson" <0@705.103.1> wrote:

I'm about to try linking up my Synchronet with it's boss node
running binkd. I haven't done that yet but I see others have so
I'll see if I can follow their examples.

Cool. Next steps are probably to define (or get IANA to assign) an "official" binkps TCP port number. And then maybe a nodelist flag should be defined so nodes supporting binkps (instead-of or in-addition-to binkp) can be automatically identified.

There is much more to do for the standardization. An IANA number is the least important.

Do we really need an official port number?

Since there's already a standard plaintext TCP port, there should also be a standard TLS/TCP port.

Or is it better to rely on other
ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

That doesn't work for look-ups using binkp.net however.

- Nodelist flag (INBS ?)

I don't care much (I don't use a nodelist here).

- should we allow self-signed certificates? (yes)
- which TLS version are allowed? (>= TLS v1.3)
- should the client use alpn?

No strong opinion on those.

digital man

Synchronet "Real Fact" #30:
The COM I/O routines for Synchronet for DOS were written in ASM by Steve Deppe. Norco, CA WX: 53.3øF, 97.0% humidity, 0 mph S wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

* Originally in FIDONEWS
* Crossposted in BINKD

Hi Oli,

On 2019-12-14 08:29:58, you wrote to Rob Swindell:

Cool. Next steps are probably to define (or get IANA to assign) an
"official" binkps TCP port number. And then maybe a nodelist flag
should be defined so nodes supporting binkps (instead-of or
in-addition-to binkp) can be automatically identified.

There is much more to do for the standardization. An IANA number is the least important.

But we should agree in fidonet on the default/preferred port to use! So it doesn't have to be specified in the nodelist if you use the default.
(24553 is unassigned by IANA)

Do we really need an official port number? Or is it better to rely on other ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

Not everyone's dns "interface" is able to set this I think.

- Nodelist flag (INBS?)

You mean IBNS: ? Most flags seem to be a 3 letter combination, so maybe use: IBS: ?

- should we allow self-signed certificates? (yes)

With the existence of letsencrypt it's not really necessary. But I think it's up to the individuals. As 'client' you should decide for yourself if you really
want to connect to a server with a selfsigned certificate.

- which TLS version are allowed? (>= TLS v1.3)

I think we should follow common practice on the "wider" internet...

- should the client use alpn?

If necessary. ;)

But I have access to a lot of linux machines, older and newer. But none of the openssl and ncat versions I checked seem to support it...?

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Wilfred,

You mean IBNS: ? Most flags seem to be a 3 letter combination, so maybe use: IBS: ?

I don't think there's any standard nor guideline how a flag should be structured.

"PING" has 4 characters and "TRACE" 5.

\%/@rd

--- D'Bridge 3.99
* Origin: Do not meddle in the affairs of wizards (2:292/854)

Hi Ward,

On 2019-12-14 17:11:21, you wrote to me:

You mean IBNS: ? Most flags seem to be a 3 letter combination, so
maybe use: IBS: ?

I don't think there's any standard nor guideline how a flag should be structured.

"PING" has 4 characters and "TRACE" 5.

But given the line length limits that still seem to exist in some nodelist processing software, we shouldn't use more characters than necessary?

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Wilfred,

But given the line length limits that still seem to exist in some
nodelist processing software, we shouldn't use more characters than necessary?

Like "which" products are we talking about ?

\%/@rd

--- D'Bridge 3.99
* Origin: Do not meddle in the affairs of wizards (2:292/854)

Hi Ward,

On 2019-12-14 18:41:34, you wrote to me:

But given the line length limits that still seem to exist in some
nodelist processing software, we shouldn't use more characters than
necessary?

Like "which" products are we talking about ?

Good question! ;)

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Re: Re: BINKP over TLS
By: Wilfred van Velzen to Oli on Sat Dec 14 2019 03:51 pm

* Originally in FIDONEWS
* Crossposted in BINKD

Hi Oli,

On 2019-12-14 08:29:58, you wrote to Rob Swindell:

Cool. Next steps are probably to define (or get IANA to assign) an
"official" binkps TCP port number. And then maybe a nodelist flag
should be defined so nodes supporting binkps (instead-of or
in-addition-to binkp) can be automatically identified.

There is much more to do for the standardization. An IANA number is the least important.

But we should agree in fidonet on the default/preferred port to use! So it doesn't have to be specified in the nodelist if you use the default.
(24553 is unassigned by IANA)

I requested an IANA port assignment for "binkps" today, requested tcp/24553. I Will update on progress as I learn it or you can check for yourself at: https://tools.iana.org/public-view/viewticket/1158485 (not a lot of details there though).

digital man

Synchronet "Real Fact" #103:
The official Synchronet YouTube channel went live on May 6, 2019
Norco, CA WX: 57.9øF, 96.0% humidity, 4 mph ESE wind, 0.00 inches rain/24hrs --- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Hi Rob,

On 2019-12-14 13:41:37, you wrote to me:

But we should agree in fidonet on the default/preferred port to use! So
it doesn't have to be specified in the nodelist if you use the default.
(24553 is unassigned by IANA)

I requested an IANA port assignment for "binkps" today, requested tcp/24553. I Will update on progress as I learn it or you can check for yourself at:
https://tools.iana.org/public-view/viewticket/1158485 (not a lot of

details

there though).

Cool!

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

On 14.12.2019 13:41, Rob Swindell - Wilfred van Velzen :

; But we should agree in fidonet on the default/preferred port to use! So it
; doesn't have to be specified in the nodelist if you use the default.
; (24553 is unassigned by IANA)

I requested an IANA port assignment for "binkps" today, requested tcp/24553. I Will update on progress as I learn it or you can check
for yourself at:
https://tools.iana.org/public-view/viewticket/1158485 (not a lot of details there though).

Nice. :)

Both 2:221/6 and 2:221/360 are now listening at port 24553 too.

'Tommi

---
* Origin: smapinntp://rpi.rbb.bbs.fi (2:221/0)

On Sat, 14 Dec 2019 00:50:41 -0800
"Rob Swindell -> Oli" <0@705.103.1> wrote:

There is much more to do for the standardization. An IANA number
is the least important.

Do we really need an official port number?

Since there's already a standard plaintext TCP port, there should
also be a standard TLS/TCP port.

ok

Or is it better to rely on other
ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

That doesn't work for look-ups using binkp.net however.

That is binkp.net problem. The specification clearly states that the mailer has
to make a SRV query first. We shouldn't develop standards around broken implementations.

- Nodelist flag (INBS ?)

I don't care much (I don't use a nodelist here).

others do :)

---
* Origin: REPLY (2:280/464.47)

On Sat, 14 Dec 2019 15:51:17 +0100
"Wilfred van Velzen -> Oli" <0@464.280.2> wrote:

Do we really need an official port number? Or is it better to
rely on other ways as many nodes use a non-standard port number
anyway:
- SRV records (_binkps._tcp should be mandatory)

Not everyone's dns "interface" is able to set this I think.

Good point. Maybe that is true for some dyndns providers, which I rarely use.

- Nodelist flag (INBS?)

You mean IBNS: ?

Yes

Most flags seem to be a 3 letter combination, so
maybe use: IBS: ?

Irritating bowel syndrome? I don't care much about the naming of the flag.

- should the client use alpn?

If necessary. ;)

But I have access to a lot of linux machines, older and newer. But
none of the openssl and ncat versions I checked seem to support it...?

Okay. I didn't know that. ALPN is required for http/2 and http/3, it should be supported by any recent TLS library. But I'm not sure how important it is to (for example) share port 443 for http, xmpp and binkp.

---
* Origin: REPLY (2:280/464.47)

On Sat, 14 Dec 2019 13:41:37 -0800
"Rob Swindell -> Wilfred van Velzen" <0@705.103.1> wrote:

But we should agree in fidonet on the default/preferred port to
use! So it doesn't have to be specified in the nodelist if you
use the default. (24553 is unassigned by IANA)

I requested an IANA port assignment for "binkps" today, requested tcp/24553. I Will update on progress as I learn it or you can check
for yourself at:
https://tools.iana.org/public-view/viewticket/1158485 (not a lot of details there though).

I don't understand why you are rushing it? It would be nice, if you had wait a bit longer how the discussion develops. That said, I also used 24553 in my tests a few weeks ago.

---
* Origin: REPLY (2:280/464.47)

Hi Oli,

On 2019-12-15 11:13:57, you wrote to me:

- Nodelist flag (INBS?)

You mean IBNS: ?

Yes

Most flags seem to be a 3 letter combination, so
maybe use: IBS: ?

Irritating bowel syndrome?

;-). You can probably make those up for all the 3 letter flags. ;)

- should the client use alpn?

If necessary. ;)

But I have access to a lot of linux machines, older and newer. But
none of the openssl and ncat versions I checked seem to support
it...?

Okay. I didn't know that. ALPN is required for http/2 and http/3, it

should

be supported by any recent TLS library. But I'm not sure how important it is to (for example) share port 443 for http, xmpp and binkp.

If would be nice if we could support it, but that doesn't seem to be the case...

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Re: Ialternaernaernative transports
By: Oli to Rob Swindell on Sun Dec 15 2019 10:59 am

Or is it better to rely on other
ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

That doesn't work for look-ups using binkp.net however.

That is binkp.net problem. The specification clearly states that the mailer has to make a SRV query first.

Which specification is that?

We shouldn't develop standards around broken implementations.

I'm not sure what you're implying here.

- Nodelist flag (INBS ?)

I don't care much (I don't use a nodelist here).

others do :)

Right, so I'll leave that discussion/decision to those that do. :-)

digital man

Synchronet "Real Fact" #60:
Free dynamic yourbbs.synchro.net hostnames were made first available in 2003. Norco, CA WX: 58.3øF, 61.0% humidity, 10 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: BINKP over TLS
By: Oli to Rob Swindell on Sun Dec 15 2019 11:22 am

On Sat, 14 Dec 2019 13:41:37 -0800
"Rob Swindell -> Wilfred van Velzen" <0@705.103.1> wrote:

But we should agree in fidonet on the default/preferred port to
use! So it doesn't have to be specified in the nodelist if you
use the default. (24553 is unassigned by IANA)

I requested an IANA port assignment for "binkps" today, requested tcp/24553. I Will update on progress as I learn it or you can check
for yourself at:
https://tools.iana.org/public-view/viewticket/1158485 (not a lot of details there though).

I don't understand why you are rushing it?

I don't consider it rushed. There's plenty of examples of plain-text TCP application protocols that have had secure (*s over TLS/SSL) alternative port assignments. It's not rocket science.

It would be nice, if you had wait
a bit longer how the discussion develops. That said, I also used 24553 in my tests a few weeks ago.

Cool. I don't care too much what the port number assigned is or will be (it's actually not up to me/us, I just *requested* 24553, but another port number could be assigned by IANA); I mainly just care that a port number is assigned to render binkps more usable to those that wish to use it.

digital man

This Is Spinal Tap quote #13:
Nigel Tufnel: You can't really dust for vomit.
Norco, CA WX: 58.3øF, 61.0% humidity, 10 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Hello Rob!

On Sun, 15 Dec 2019 at 12:26 -0800, you wrote to Oli:

I don't consider it rushed. There's plenty of examples of plain-text
TCP application protocols that have had secure (*s over TLS/SSL) alternative port assignments. It's not rocket science.

Instead of having binkp tunneled through external TLS connection, something like STARTTLS should be implemented in binkp proto, removing the need of an additional port. This is how TLS works in SMTP on standard 25 port. This way no
changes would be needed in either nodelist flags or DNS. If a node supports TLS, it will be negotiated and used. If not, plain-text protocol will be used, unless it is configured to use TLS-only on a supporting node.

So, what is the rush here? Why trying to push a very poor implementation as soon as possible without involving binkd developers at least?


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

I don't consider it rushed. There's plenty of examples of
plain-text TCP application protocols that have had secure (*s
over TLS/SSL) alternative port assignments. It's not rocket
science.

Instead of having binkp tunneled through external TLS connection, something like STARTTLS should be implemented in binkp proto, removing
the need of an additional port. This is how TLS works in SMTP on
standard 25 port. This way no changes would be needed in either
nodelist flags or DNS. If a node supports TLS, it will be negotiated
and used. If not, plain-text protocol will be used, unless it is configured to use TLS-only on a supporting node.

I prefer running TLS on it's own port. STARTTLS is not a bad thing and would be
better than nothing but leaves room for a man in the middle attack.

So, what is the rush here? Why trying to push a very poor
implementation as soon as possible without involving binkd developers
at least?

I don't think anyone is rushing anything, just moving in that direction.

Synchronet's implementation is looking good to me. Direct TLS and is working in
my experience.

The binkd developers are most welcome although I am not sure who they are. Alexey perhaps but I am not sure. There is some discussion of all this in the BINKD area that I have been following and hoping to see the binkd developers there.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Re: BINKP over TLS
By: Alexey Fayans to Rob Swindell on Mon Dec 16 2019 12:25 am

Hello Rob!

On Sun, 15 Dec 2019 at 12:26 -0800, you wrote to Oli:

I don't consider it rushed. There's plenty of examples of plain-text TCP application protocols that have had secure (*s over TLS/SSL) alternative port assignments. It's not rocket science.

Instead of having binkp tunneled through external TLS connection, something like STARTTLS should be implemented in binkp proto, removing the need of an additional port.

STARTTLS and other forms of Explicit/Opportunistic TLS has been deprecated by the IETF in favor of Implicit TLS, for all protocols: https://tools.ietf.org/html/rfc8314

This is how TLS works in SMTP on standard 25 port.

Right, and it's less secure and thus deprecated in favor of SMTPS.

This way
no changes would be needed in either nodelist flags or DNS. If a node supports TLS, it will be negotiated and used. If not, plain-text protocol will be used, unless it is configured to use TLS-only on a supporting node.

Go for it. You can have both Implicit and Opportunist/Less-secure TLS support. I choose the former.

So, what is the rush here?

It's the established "best practice" solution for transport layer security (trust and privacy) for TCP application protocols. Nobody is reinventing the wheel here.

Why trying to push a very poor implementation as
soon as possible without involving binkd developers at least?

Do you consider https to be a "very poor implementation"? binkps is to binkp as
https is to http. I don't need to ask anyone's permission. You don't like it? Don't use it.

digital man

Synchronet/BBS Terminology Definition #68:
SSJS = Server-side JavaScript
Norco, CA WX: 59.9øF, 48.0% humidity, 2 mph NNE wind, 0.00 inches rain/24hrs --- SBBSecho 3.10-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Hello Alan!

On Sun, 15 Dec 2019 at 14:12 -0800, you wrote to me:

Instead of having binkp tunneled through external TLS connection,
something like STARTTLS should be implemented in binkp proto,
removing the need of an additional port. This is how TLS works in
SMTP on standard 25 port. This way no changes would be needed in
either nodelist flags or DNS. If a node supports TLS, it will be
negotiated and used. If not, plain-text protocol will be used,
unless it is configured to use TLS-only on a supporting node.

I prefer running TLS on it's own port.

With STARTTLS you can.

STARTTLS is not a bad thing and would be better than nothing but
leaves room for a man in the middle attack.

No it doesn't. MitM attack can only fool client into thinking that TLS is not supported. But you can require TLS on a client side and it will just disconnect, no harm done.

So, what is the rush here? Why trying to push a very poor
implementation as soon as possible without involving binkd
developers at least?

I don't think anyone is rushing anything, just moving in that
direction.

That's a wrong direction. Before moving into some direction it is nice to weight all opinions, especially ones from current binkd developers.

Synchronet's implementation is looking good to me. Direct TLS and is working in my experience.

Still it requires modification to configurations, nodelist changes and probably
DNS changes as well. STARTTLS would eliminate all of that.

The binkd developers are most welcome although I am not sure who they
are. Alexey perhaps but I am not sure. There is some discussion of all this in the BINKD area that I have been following and hoping to see
the binkd developers there.

In fact this doesn't look like a good place to discuss technical stuff, BINKD seems like a better one.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Rob!

On Sun, 15 Dec 2019 at 14:45 -0800, you wrote to me:

Instead of having binkp tunneled through external TLS connection,
something like STARTTLS should be implemented in binkp proto,
removing the need of an additional port.

STARTTLS and other forms of Explicit/Opportunistic TLS has been
deprecated by the IETF in favor of Implicit TLS, for all protocols: https://tools.ietf.org/html/rfc8314

This is not a standard yet, only a proposal. And it is about mail protocols (SMTP/POP/IMAP), not everything else.

This way
no changes would be needed in either nodelist flags or DNS. If a
node supports TLS, it will be negotiated and used. If not,
plain-text protocol will be used, unless it is configured to use
TLS-only on a supporting node.

Go for it. You can have both Implicit and Opportunist/Less-secure TLS support. I choose the former.

Worst thing to do is to create two incompatible implementations.

So, what is the rush here?

It's the established "best practice" solution for transport layer
security (trust and privacy) for TCP application protocols. Nobody is reinventing the wheel here.

There is no single standard that covers everything.

Why trying to push a very poor implementation as
soon as possible without involving binkd developers at least?

Do you consider https to be a "very poor implementation"?

It was done before STARTLS was invented. Single port would work exactly the same, since right now users just rely on what browser displays in the address bar. It could display HTTPS scheme (also lock icon, certificate warnings, obey HSTS, etc) on 80 port the same way.

binkps is to binkp as https is to http. I don't need to ask anyone's permission. You don't like it? Don't use it.

Yeah, of course you can. Don't be sad if no-one will actually move to that new standard. Things like that must be done wisely to meet good reception.


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

Hello Alexey,

STARTTLS is not a bad thing and would be better than nothing but
leaves room for a man in the middle attack.

No it doesn't. MitM attack can only fool client into thinking that TLS
is not supported. But you can require TLS on a client side and it will just disconnect, no harm done.

I believe it does. That's why STARTTLS has been depricated. I don't think the binkd developers are going to bring STARTTLS to the table but we need to hear from them.

That's a wrong direction. Before moving into some direction it is nice
to weight all opinions, especially ones from current binkd developers.

It is some direction. It is what I had hoped/imagined a binkps implementation would be.

Synchronet's implementation is looking good to me. Direct TLS and
is working in my experience.

Still it requires modification to configurations, nodelist changes and probably DNS changes as well. STARTTLS would eliminate all of that.

It requires a binkps listener to receive and "BinkpTLS=true" in the node section of sbbsecho.ini for nodes you want to poll with binkps.

Amazingly simple.

The binkd developers are most welcome although I am not sure who
they are. Alexey perhaps but I am not sure. There is some
discussion of all this in the BINKD area that I have been
following and hoping to see the binkd developers there.

In fact this doesn't look like a good place to discuss technical
stuff, BINKD seems like a better one.

I have eyes on the area so we can move the discussion there if you like.

Ttyl :-),
Al

--- GoldED+/LNX 1.1.5-b20180707
* Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)

Hello Alan!

On Mon, 16 Dec 2019 at 14:29 -0800, you wrote to me:

No it doesn't. MitM attack can only fool client into thinking
that TLS is not supported. But you can require TLS on a client
side and it will just disconnect, no harm done.

I believe it does.

It's not about believing. You can read on wikipedia for example about MitM and STARTTLS. MitM can fool client into thinking STARTTLS is not supported. Mitigation is requiring encryption on client side. As simple as that.

That's why STARTTLS has been depricated.

It's not deprecated globally. Deprecation is only _proposed_ for SMTP and other
mail protocols and there are reasons for that, but that doesn't mean it is deprecated for everything else.

I don't think the binkd developers are going to bring STARTTLS to the table but we need to hear from them.

Exactly.

Synchronet's implementation is looking good to me. Direct TLS
and is working in my experience.

Still it requires modification to configurations, nodelist
changes and probably DNS changes as well. STARTTLS would
eliminate all of that.

It requires a binkps listener to receive and "BinkpTLS=true" in the
node section of sbbsecho.ini for nodes you want to poll with binkps.

Synhcronet is not the only software out there. And manual configuration is not even an option. Globally, (1) a new nodelist flag is required to indicate support if binkps and its port; (2) binkps must be supported on DNS level as well, i.e. _binkps._tcp SRV records; (3) nodelist parsers must be updated to understand new flag; (4) additional configuration must be introduced in mailers
to support binkps, and for binkd it may be an issue since node records were not
designed for multiple protocols based on different ports.

With STARTTLS none of this is a problem. Additional configuration flag to require TLS connection is easy to implement, nodelist flag is optional and may be used to tell client to require TLS when connecting to supporting node, and additional DNS SRV records are not needed as well.

In fact this doesn't look like a good place to discuss technical
stuff, BINKD seems like a better one.

I have eyes on the area so we can move the discussion there if you
like.

Sure, I'll crosspost it there.

* Originally in FIDONEWS
* Crossposted in BINKD


... Music Station BBS | https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20180707
* Origin: Music Station | https://ms.bsrealm.net (2:5030/1997)

On Sun, 15 Dec 2019 12:19:38 -0800
"Rob Swindell -> Oli" <0@705.103.1> wrote:

Or is it better to rely on other
ways as many nodes use a non-standard port number anyway:
- SRV records (_binkps._tcp should be mandatory)

That doesn't work for look-ups using binkp.net however.

That is binkp.net problem. The specification clearly states that
the mailer has to make a SRV query first.

Which specification is that?

I was sure it was in the binkp protocol specification, but it is in

http://ftsc.org/docs/fts-5004.001 ("DNS Distributed Nodelist")

We shouldn't develop standards around broken implementations.

I'm not sure what you're implying here.

Never mind, I was misreading and thought binkp.net does not support SRV records
at all (which it does for _binkp._tcp).

Anyway, _binkps._tcp support could be added to binkp.net.

---
* Origin: REPLY (2:280/464.47)

Hello Oli and others,

Tue. 12 Nov 2019, 16:03:07, Oli wrote to Michiel van der Vlist:

What sort of problem does the above cause?

MvdV> Apart from the fact that omitting a REPLY kludge in a reply when
MvdV> there is a MSGID, is in violation of FTS-0009, it is bloody
MvdV> annoying.

Especially when the TZUTC kludge is also missing.

I have here an almost complete Reply Tree in !WimpLink PointSoftware:

301 Messages
46 Levels
1 Area
16 Subjects
Dated 9 november 2019 to 22 december 2019.
Fully automatically created when I ask for the Reply Tree in !WimpLink Point software package for Acorn RISC OS.
This Tree is a graphical image.
I think I would need an A2 paper size to show them all.
Besides that it is also possible to select them all, and save that as a text file, or as a *.pkt package. Very handy for retossing in other FTN systems.

Henri.

--- WimpLink 1.05p
* Origin: Do you see the CONNECTion ? UniCorn BBS (2:280/1208.1)

Hello David and others,

Tue. 12 Nov 2019, 07:38:48, David Drummond wrote to Oli:

How do Wards useless nodelist flags affect your system?

Very simple, it affects all FidoNet systems and Points who want to crashpoll
a ,MOB node, because most ,MOB systems do not have connect info publisched
in the NodeList, the FidoNet phonebook.
Every ModeListed system should be on line for receiving mail, at least at ZMH, by analogue modem at POTS or ISDN lines, or by TCP/IP via internet, or both. But if no connect info is given, than it is a PVT system, and should be
marked as such. Easy he?
In reality that ,MOB systems are acting as Points, not as connectable Nodes.

The problem is Ward, and all others who use this flag,
do not want to be corrected at this point.
So the only solution is to stop your system from making crash net mail polls autimatically, because the phonenumber is missing, and the IPinfo is missing either.
When the ,MOB systems were flagged as Private, there was no problem.
The only hope is IPv6 for 3G/4G/5G mobile systems coming in the (near) future.

Henri.


--- WimpLink 1.05p
* Origin: Do you see the CONNECTion ? UniCorn BBS (2:280/1208.1)

Hello Oli and others,

Mon. 11 Nov 2019, 12:33:09, Oli wrote to Paul Quinn:

What common tech specs will they use?

The ones people agree to. I mean we already have a tech specs.

Who keeps them maintained in a central library? Why should anyone
agree to any?

Because! Without any agreement, no communication. I'm also not sure how coordinators are responsible for any standardization (apart from Ward inventing useless nodelist flags that are not part of any central specification library)?

You mean his ,MOB flag.
Indeed, there is no phonenumber, no IPv4 address and no IPv6 address,
i.e. most ,MOB systems are unconnectable.
The use of the ,MOB flag is a political deciscion, not a technical one.
It is of nu real usefull use.

Besides that, as a ZC he is filtering FTSC documented valid flags away,
but still leaves useless redundancy flags still in place,
both with his ERRORFLAGS programme he uses, that's also arbitrary.
I have proven that more than once. Search for old messages from me.

One of the essential specifications is still hiding between completely irrelevant proposals.

And that specificatien is?

I am looking forard to your answer.

Henri.

--- WimpLink 1.05p
* Origin: Do you see the CONNECTion ? UniCorn BBS (2:280/1208.1)

23 Jan 20 05:24, you wrote to me:

One of the essential specifications is still hiding between
completely irrelevant proposals.

And that specificatien is?

http://ftsc.org/docs/fsc-0039.004

aka 'A Type-2 Packet Extension Proposal'



* Origin: kakistocracy (2:280/464.47)

SEEN-BY: 3634/12 135/205 388 395 390 385 366 115 0

23 Jan 20 05:13, you wrote to me:

!WimpLink Point software package for Acorn RISC OS.

is this still shareware or are there sources available? i would love to try some fidonet software on RISC OS, but i usally don't use any closed source software.



* Origin: kakistocracy (2:280/464.47)

SEEN-BY: 3634/12 135/205 388 395 390 385 366 115 0