[aprssig] aprsis DOS in Poland, observation
Scott Miller
scott at opentrac.org
Mon Sep 7 22:46:37 EDT 2020
On 9/7/2020 4:51 PM, David Andrzejewski via aprssig wrote:
>
> Do your embedded systems run over IP or RF or both?
>
Both, but in this case I'm only talking about the IP side.
>
> Do we need (or want) additional authentication on RF? I can see
> arguments for both sides. We don't really have any kind of strong
> authentication on RF for most other modes.
>
No, but my trackers do have their own RF authentication scheme for
remote control. It's a one-time password system based on a pre-shared
key, and even the 8-bit versions could handle the XXTEA block cipher
just fine.
If there has to be a heavy PKI scheme, maybe we could have some kind of
authentication proxy service where you set up a certificate with the
proxy along with a pre-shared key, and then a lightweight device uses
its key to authorize the proxy to do the heavy lifting for it.
> As for LoTW being the CA, I'd caution that maybe we don't want a
> singular organization to control the PKI.
>
I agree. I don't think we should even be in the business of verifying
licenses; just making sure bots can't easily get lots of keys and that
keys can be revoked.
Scott
N1VG
More information about the aprssig
mailing list