[ale] OT:pgp, linux and ham radionetworking
Rod Young
development at combiz.net
Thu Mar 1 11:43:03 EST 2001
Would it have to a unique token? What about a simple password system that
is filtered thru a pgp handshake?
There are few loopholes in part 97 that might give us room to come up
with something. Example we can use spread spectrum and send telemtry and
commands. I am assuming that to be legal any third party must be able
toresolve the pass word. The system I am thinking of relies on a
uniqueness of a dynamic signature.
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 03/01/2001, 11:09:04 AM, Ed Landa <elanda at globix.com> wrote regarding
Re: [ale] OT:pgp, linux and ham radionetworking:
> > How about using PGP or a related technology not to encrypt but to digital
> > sign the password? Is the singnature dynamic or static? In other words
> > could a third party intercept a login and copy it then resend later to
> > spoof the system?
> If the server system sends a unique token to the user each time, and this
> token is only valid for access during that session, this would be
possible.
> (Excuse the ASCII):
> S: (unique token) --------------------> C:
> signs token using private key C:
> S: <------------------ (signed token) C:
> S: verifies signature on token and grants access
> Now, I don't have any idea if this will pass FCC muster.
> Ed
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list