I can't remember the status of this and didn't see it skimming the info pack - is there a official port/setup/etc. for bink over TLS for fsxNet?


--

NuSkooler
Xibalba BBS @ xibalba.l33t.codes / 44510(telnet) 44511(ssh)
ENiGMA 1/2 BBS WHQ | Phenom | 67 | iMPURE | ACiDic

--- ENiGMA 1/2 v0.0.12-beta (linux; x64; 12.13.1)
* Origin: Xibalba -+- xibalba.l33t.codes:44510 (21:1/121)

165

I can't remember the status of this and didn't see it skimming the info pack -
is there a official port/setup/etc. for bink over TLS for fsxNet?

24553 is the default port we have been using. I have a binkps server listening on port 24553 and I also send stuff to hub 4 with tls on port 24553.

I think Paul has a binkps listening also but I'm not sure if it is on port 24553 or not.

--- BBBS/Li6 v4.10 Toy-4
* Origin: (21:4/106.1)

Re: Bink over TLS
By: NuSkooler to All on Mon Jun 22 2020 02:49 pm

I can't remember the status of this and didn't see it skimming the info pack - is there a official port/setup/etc. for bink over TLS for fsxNet?

Official - not sure :)

But most of the hubs have SSL enabled (IIRC) - I think all are on 24553 (which you could try with your current setup to your hub).

...ëîåï

... Heresy is only another word for freedom of thought.
--- SBBSecho 3.11-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

On 22 Jun 2020 at 01:59p, Al pondered and said...

24553 is the default port we have been using. I have a binkps server listening on port 24553 and I also send stuff to hub 4 with tls on port 24553.

I think Paul has a binkps listening also but I'm not sure if it is on
port 24553 or not.

Yep correct, do you want me to start polling you using SSL Nu?

--- Mystic BBS v1.12 A46 2020/05/28 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)

NuSkooler wrote (2020-06-22):

I can't remember the status of this and didn't see it skimming the info pack - is there a official port/setup/etc. for bink over TLS for fsxNet?

The unofficial status for TLS in fsxnet: half broken / interoperability issues 1/100, 2/100 and 4/100 are still using deprecated TLS crypto.

This is my setup:

- port 24553
- TLS 1.2 and 1.3 only
- SNI disabled for all outgoing connections
- self-signed cert
- TOFU for outgoing connections (trust on first use)

My server also refuses TLS 1.3 connections that transmits the domain name via SNI in clear text (experimental). As binkp doesn't use domain-based virtual hosting and the nodelist supports custom ports, SNI is just a useless metadata leak in binkps connections.

---
* Origin: (21:3/102)

On 24 Jun 2020 at 09:35a, Oli pondered and said...

The unofficial status for TLS in fsxnet: half broken / interoperability issues 1/100, 2/100 and 4/100 are still using deprecated TLS crypto.

Oh hi Oli, how are you?

--- Mystic BBS v1.12 A46 2020/05/28 (Windows/32)
* Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)