[ale] OT:pgp, linux and ham radionetworking
Rod Young
development at combiz.net
Thu Mar 1 11:36:03 EST 2001
> Have you contacted the ARRL about a way this?
Not yet.
> Your callsign as well as all transmissions must be in the clear.
> Are you considering obfuscating the login? Instead, how about
> using a *one*-time password sent in the clear?
> It seems that this would be more secure and additionally
> not in contravention of the Federal Confusion Commission's rules.
> 73, Brian, WIDOC
Just the password. It seems to me to pass the muster it a third party
must be able to obtain the plain text password. If the digital signature
is dynamic (IE the same exact signature text is not used) and the
plaintext password can be resolved by the anythird party, then it it is
no different than any other digitalized signal system we use. The
security would be that you brian would be the only holder of your private
key. Therefore only you could gernerate your digital signature. Anyone
could download your public key to verify the signature. But no one should
be able to dupelicate it. I am not a pgp user YET. So if there are users
out there who see a hole in my thinking please point it out.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list