[ale] OT:pgp, linux and ham radionetworking

Rod Young development at combiz.net
Thu Mar 1 11:43:03 EST 2001


Would it have to a unique token? What about a simple password system that 
is filtered thru a pgp handshake?
There are few loopholes in part 97 that might give us room to come up 
with something. Example we can use spread spectrum and send telemtry and 
commands. I am assuming that to be legal any third party must be able 
toresolve the pass word. The system I am thinking of relies on a 
uniqueness of a dynamic signature.

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 03/01/2001, 11:09:04 AM, Ed Landa <elanda at globix.com> wrote regarding 
Re: [ale] OT:pgp, linux and ham radionetworking:


> > How about using PGP or a related technology not to encrypt but to digital
> > sign the password? Is the singnature dynamic or static? In other words
> > could a third party intercept a login and copy it then resend later to
> > spoof the system?

> If the server system sends a unique token to the user each time, and this
> token is only valid for access during that session, this would be 
possible.

> (Excuse the ASCII):

> S:   (unique token)    -------------------->     C:
>                   signs token using private key  C:
> S:   <------------------   (signed token)        C:
> S: verifies signature on token and grants access

> Now, I don't have any idea if this will pass FCC muster.

> Ed
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list