[aprssig] Who/where is the Certificate Authority for the APRS-IS servers?
georg at op-co.de
Tue Sep 30 02:01:50 CDT 2014
* Andrew P. <andrewemt at hotmail.com> [2014-09-25 03:30]:
> I was planning on supporting the null cipher for SSL links to the
> APRS-IS servers. Is there any reason to support encrypting ciphers at
This is actually a very good question. I follow the stance that
encryption is disallowed over ham radio frequencies, but does no harm
for amateur radio issues over public IP networks. However, it might well
happen that our APRS-IS traffic is routed via HamNet, putting it in
APRSdroid is currently using the default cipher suite of Android, which
excludes null, but I am not opposed to change that. As amateur radio
communication is public anyway, I'm probably just too paranoid if I want
it protected from non-amateurs.
P.S: in this early stage, it might not be useful to perform
server-certificate checks in the client, but just to accept anything.
The client certificate presented by your application should prevent MitM
attacks, after all, and this lowers the hurdle to running an APRS-SSL
|| http://op-co.de ++ GCS d--(++) s: a C+++ UL+++ !P L+++ !E W+++ N ++
|| gpg: 0x962FD2DE || o? K- w---() O M V? PS+ PE-- Y++ PGP+ t+ 5 R+ ||
|| Ge0rG: euIRCnet || X(+++) tv+ b+(++) DI+++ D- G e++++ h- r++ y? ||
++ IRCnet OFTC OPN ||_________________________________________________||
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 811 bytes
Desc: Digital signature
More information about the aprssig