[aprssig] APRS web messaging

[scott at opentrac.org]

Yeah, but that's just going to generate a support problem - people are going
to want to know where to get the callpass code, and it really doesn't add
much aside from obscurity.

If they have to generate an authentication message on RF, then at least
you've made them show that they're on the air and more likely a real ham.
And since we've seen them on the air, us Igate operators can gate their
traffic to RF and reasonably assume that they're legally entitled to be on
the air.

I see 3 issues that need to be addressed:

1. Legal authority to transmit.  APRS messages can be retransmitted on RF by
Igates anywhere in the world - what do the rules say about messages directly
generated by non-hams?  Do the Igate operators assume full responsibility
for those third-party transmissions?

2. Inappropriate content.  Even if they're authorized users, there are
restrictions on what can be sent in these messages.  Some of that can be
handled with filtering.

3. Impersonation.  Might not be a big concern with regular QSOs, but it
worries me because I'm building devices that accept remote commands and have
the option to authenticate solely by origin callsign.

Scott
N1VG 

> -----Original Message-----
> From: aprssig-bounces at lists.tapr.org 
> [mailto:aprssig-bounces at lists.tapr.org] On Behalf Of wa7nwp at jnos.org
> Sent: Thursday, August 10, 2006 6:47 PM
> To: TAPR APRS Mailing List
> Subject: RE: [aprssig] APRS web messaging
> 
> 
> > I figure you could have the system give a new user a code 
> that must be
> > sent
> > via RF into the network to authenticate themselves.  It'd 
> be inconvenient
> > for the user if they're not set up for it or don't have a 
> local IGate, but
> > it doesn't require intervention.
> 
> 
> APRSPLUS, or one of Brents follow on projects, had a page for sending
> messages authenticated with the users code for Aprsplus.   We 
> could do the
> same with the aprs-is callpass functionality.