[aprssig] aprsis DOS in Poland, observation
scott at opentrac.org
Mon Sep 7 22:46:37 EDT 2020
On 9/7/2020 4:51 PM, David Andrzejewski via aprssig wrote:
> Do your embedded systems run over IP or RF or both?
Both, but in this case I'm only talking about the IP side.
> Do we need (or want) additional authentication on RF? I can see
> arguments for both sides. We don't really have any kind of strong
> authentication on RF for most other modes.
No, but my trackers do have their own RF authentication scheme for
remote control. It's a one-time password system based on a pre-shared
key, and even the 8-bit versions could handle the XXTEA block cipher
If there has to be a heavy PKI scheme, maybe we could have some kind of
authentication proxy service where you set up a certificate with the
proxy along with a pre-shared key, and then a lightweight device uses
its key to authorize the proxy to do the heavy lifting for it.
> As for LoTW being the CA, I'd caution that maybe we don't want a
> singular organization to control the PKI.
I agree. I don't think we should even be in the business of verifying
licenses; just making sure bots can't easily get lots of keys and that
keys can be revoked.
More information about the aprssig