On 24.04.2014 15:56, Nigel Vander Houwen wrote:
I believe Cory's point here is that you can (relatively safely) make the assumption that someone coming from a 44-net IP is likely going to be someone in the amateur radio community. However, that doesn't tell you who they are.
Yes, I fully agree on this.
This is the distinction I believe Cory is trying to make that source IP is not authentication. If your goal is to provide a service that relies on knowing you're talking with a specific person, then you need to start looking at authentication methods, a number of which have been discussed, such as usernames/passwords, certs, etc.
True. In my case I need to check against radio amateurs, not single identities.
However I could track down the source based on the 44net allocation. E.g. dmr.db0myk.ampr.org resolves to 44.225.73.37 and the responsible person for "db0myk" is Hans, DL5DI, according to our database from the regulator. This is still no authentication but a very close assumption that arriving IP packets from 44.225.73.37 are from Hans. If you have in mind that my system is connected by IPIP mesh only and I block encapsulated source44 packets from AMPRGW (which might be spoofed somewhere on the internet) the assumption is even closer...
73, Jann