17 Feb
2021
17 Feb
'21
5:16 a.m.
On 2/17/21 11:03 AM, Toussaint OTTAVI via 44Net wrote:
But it can be useful as a simple pre-authentication
for a group of users : all users coming from a 44net IP are licensed operators. Then, a
simple firewall rule can grant them access to the private parts of the network.
I think that will not work. It would require trusting the entire group of network admins
that they will only admit licensed operators to their subnetworks.
I know that this is difficult to do for me. When I get a request like "I am Rob
PE1CHL and I want some addresses to use on 44Net" there is no way for me to really
verify that this mail is really coming from a licensed operator, and even less to verify
that he keeps that license during the time he can still use that address. I do look for
clues in the requests that hint that the user is not really a radio amateur (I sometimes
get those via the Portal), but it is not 100%.
And how can I know what level of validation there is in other countries?
And how can I know what is the license level of the operator behind the address when they
cannot even bother to get their reverse DNS pointing to their callsign?
Sure, the admittance of only 44Net traffic (44.0.0.0/9 and 44.128.0.0/10) is a first step
when guarding a system from access by just everyone, and try to limit it to mostly radio
amateurs with hopefully good intentions.
But I never would use it as a method to allow e.g. to operate a transmitter (as was the
example use case).
Rob