On 2023-09-27 17:22:47 (+0800), Peter Hannay via 44net wrote:
In relation to general internet access you prevent access to encrypted
services via traffic inspection or use a transparent proxy to strip
encryption upstream before it hits the radio link.
Some sites would break if they use HSTS, but many services would work just
fine.
You'd want to make sure users understand this though, as accessing anything
that requires a login would be a terrible idea.
One would hope that amateur RF users understand that there is no expectation of privacy on amateur RF bands. Those users are expected to be licensed and understand the conditions of their licence.
Just some thoughts I've had as I'm planning to provide some limited access
to the internet via RF and want to make sure I'm doing things in a
completely above board manner.
Please do report on how well this ends up working. I've been thinking of setting this up too.
With a lot of the public internet becoming end-to-end encrypted, I would expect to see transparent proxies struggle to decrypt everything. Additionally, some jurisdictions also require at least periodic transmission of the operator's callsign. Ideally, this would be done by the client (e.g. by adding an X-HAM-OPERATOR: header to HTTP traffic), but doing it in a proxy may be easier. Food for thought!
Philip VR2WTZ