3 Dec
2021
3 Dec
'21
2:22 p.m.
It would be most helpful if the amprnet BOD could post in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
This email list is used for communications regarding the use of the IP
address space. I'm not asking about the use of encryption over part 97 RF
radio, just the 44 network IP address space. I am not aware of any portion
of the Part 97 rules that apply to the wired internet at large.
Everyone has an opinion, but it's time for the amprnet Board to clarify the
muddy waters around the use of the amprnet IP space and publish those rules.
Please!
73,
Kevin Walsh
W8KHW
3 Dec
3 Dec
2:29 p.m.
On 4/12/21 6:22 am, Kevin Walsh via 44Net wrote:
It would be most helpful if the amprnet BOD could post
in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
This email list is used for communications regarding the use of the IP
address space. I'm not asking about the use of encryption over part 97 RF
radio, just the 44 network IP address space. I am not aware of any portion
of the Part 97 rules that apply to the wired internet at large.
Everyone has an opinion, but it's time for the amprnet Board to clarify the
muddy waters around the use of the amprnet IP space and publish those rules.
I
don't see a problem. Just follow the rules and best practice.
When transiting over the Internet, best practice includes using
encryption where possible. When transiting over the amateur bands,
follow your country's rules. I don't see why a policy for encryption
needs to be developed for 44net space.
--
73 de Tony VK3JED/VK3IRL
http://vkradio.com
3:10 p.m.
The BoD are not lawyers and ARDC's purpose doesn't include commenting on
encryption under part 97. I suggest you contact a telecom lawyer or try
reaching out to the lawyers at ARRL.
Tim
On 12/3/21 11:22 AM, Kevin Walsh via 44Net wrote:
It would be most helpful if the amprnet BOD could post
in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
This email list is used for communications regarding the use of the IP
address space. I'm not asking about the use of encryption over part 97 RF
radio, just the 44 network IP address space. I am not aware of any portion
of the Part 97 rules that apply to the wired internet at large.
Everyone has an opinion, but it's time for the amprnet Board to clarify the
muddy waters around the use of the amprnet IP space and publish those rules.
Please!
73,
Kevin Walsh
W8KHW
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
4:15 p.m.
On 12/3/21 8:22 PM, Kevin Walsh via 44Net wrote:
It would be most helpful if the amprnet BOD could post
in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
Why? That would be a matter for each individual
operator to decide, based on
their local laws and regulations, and the extend to which those are enforced in practice.
I don't see a need for any centralized statement about that, especially as this is
a worldwide network and regulations of all participating countries, as well as the
technologies used in the network, can impossibly be overseen by the ARDC.
Rob
4 Dec
4 Dec
12:47 p.m.
In the US if it is OTA ham then it would require published key, if it is on
the internet it would be up to ampr, if ampr is saying up to the operator
and that seems lodgical to me.
Lin NI4Y
On Fri, Dec 3, 2021 at 4:15 PM Rob PE1CHL via 44Net <44net(a)mailman.ampr.org>
wrote:
On 12/3/21 8:22 PM, Kevin Walsh via 44Net wrote:
--
Lin Holcomb
Office: +1 404 806 5412
Mobile: +1 404 933 1595
Fax: +1 404 348 4250
It would be most helpful if the amprnet BOD could
post in writing an
official statement regarding using common secure communications (https.
TLS
etc.) over the 44. IP network.
Why? That
would be a matter for each individual operator to decide, based
on
their local laws and regulations, and the extend to which those are
enforced in practice.
I don't see a need for any centralized statement about that, especially as
this is
a worldwide network and regulations of all participating countries, as
well as the
technologies used in the network, can impossibly be overseen by the ARDC.
Rob
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
6 Dec
6 Dec
10:37 a.m.
Hi Kevin,
You seem to be conflating the addresses used (which are controlled by ARDC) with the
network used (which could be controlled by anyone). There are no muddy waters here. My
understanding is that you should use the addresses for amateur radio purposes, which could
well include purposes that require or benefit from encryption. There is no assumption made
that all traffic originated by hosts using 44net addresses is suitable for transmission by
an amateur station in all jurisdictions internationally.
In the IETF I am working on this document:
https://datatracker.ietf.org/doc/html/draft-learmonth-rfc1226-bis-03 where I am working to
update the standard for carrying AX.25 packets over IP links, I specifically talk about
places where encryption should be used in relation to amateur radio links. I’d be
interested in feedback on that if you have any. The concepts map onto 44net traffic almost
directly where you might have IP traffic encapsulated in IP (i.e. the IPIP mesh) or simply
have hosts accessible from the Internet.
If there was interest in an informational document to be put together for the general case
of encryption of amateur radio transmissions and Internet linking then that’s something I
could kick off.
Thanks,
Iain.
From: 44Net <44net-bounces+irl=hambsd.org(a)mailman.ampr.org> on behalf of Kevin Walsh
via 44Net <44net(a)mailman.ampr.org>
Date: Friday, 3 December 2021 at 19:23
To: 44Net <44net(a)mailman.ampr.org>
Cc: Kevin Walsh <w8khw1(a)gmail.com>
Subject: [44net] Request for official clarification from ampr.net BOD
It would be most helpful if the amprnet BOD could post in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
This email list is used for communications regarding the use of the IP
address space. I'm not asking about the use of encryption over part 97 RF
radio, just the 44 network IP address space. I am not aware of any portion
of the Part 97 rules that apply to the wired internet at large.
Everyone has an opinion, but it's time for the amprnet Board to clarify the
muddy waters around the use of the amprnet IP space and publish those rules.
Please!
73,
Kevin Walsh
W8KHW
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
10:50 a.m.
I am not aware of any portion of the Part 97 rules
that apply to the wired
internet at large.
Part 97 rules only apply to RF transmissions made from US territory on
amateur radio bands. Full stop.
The Internet at large does not operate on the ham bands, and most of it does
not operate from US territory. And 44net/AMPRnet, while reserved for ham
radio users and purposes, is technically not ham radio territory unless you
are using AX.25, or carrying it on say WiFi links that exceed the
restrictions of unlicensed uses of WiFi bands but are still within what is
permitted as amateur radio use (e.g. licensed use of 2.4 GHz spectrum). And
any Part 97 restrictions *would* apply in these latter cases whether or not
an AMPRnet IP address is used, if transmitters located within US territory
are used.
As soon as you get rid of ham radio transmission, or anything that's
happening is happening in any of the other countries of the world, Part 97
is completely inapplicable.
73
Jim VE5EV
15 Dec
15 Dec
3:55 a.m.
On 6 Dec 2021, at 16:50, Jim MacKenzie via 44Net
<44net(a)mailman.ampr.org> wrote:
Indeed. I don’t think any national regulation at all considers any IP address space
as “amateur radio”. Amateur radio is transmitted by radio and of course using ham
spectrum.
I think other national regulations are quite similar. At least in Spain/Europe it is legal
to use
encryption *only* for equipment control purposes. Originally it was intended for
repeater control, nowadays it should be possible to use ssh, for example, to
manage AREDN equipment.
73,
Borja / EA2EKH
I am not aware of any portion of the Part 97
rules that apply to the wired
internet at large.
Part 97 rules only apply to RF transmissions made from US territory on
amateur radio bands. Full stop. 
4:09 p.m.
On 15/12/21 7:55 pm, Borja Marcos via 44Net wrote:
All,
This is the situation in Australia, taken from this document
https://www.legislation.gov.au/Details/F2020C00376
(3A) The licensee must not operate an amateur station to transmit
signals that are encoded for the purpose of obscuring the meaning of the
signals, except for:
(a) signals exchanged between an amateur station and
a space station in an amateur-satellite service for the purpose of
controlling the operation of the space station; and
(b) signals exchanged between an amateur station and
an unattended amateur station for the purpose of controlling the
operation of the unattended amateur station; and
(c) intercommunications when participating in
emergency services operations or training exercises related to emergency
services.
Let the bush lawyers have fun!!
Ray vk2tv
On 6 Dec 2021, at 16:50, Jim MacKenzie via 44Net
<44net(a)mailman.ampr.org> wrote:
Indeed. I don’t think any national regulation at
all considers any IP address space
as “amateur radio”. Amateur radio is transmitted by radio and of course using ham
spectrum.
I think other national regulations are quite similar. At least in Spain/Europe it is
legal to use
encryption *only* for equipment control purposes. Originally it was intended for
repeater control, nowadays it should be possible to use ssh, for example, to
manage AREDN equipment.
73,
Borja / EA2EKH
I am not aware of any portion of the Part 97
rules that apply to the wired
internet at large.
Part 97 rules only apply to RF transmissions made from US territory on
amateur radio bands. Full stop.
16 Dec
16 Dec
11:33 a.m.
On 15 Dec 2021, at 22:09, vk2tv via 44Net
<44net(a)mailman.ampr.org> wrote:
(c) intercommunications when participating in emergency services
operations or training exercises related to emergency services.
Cool! We don’t have this one and I was actually considering making a proposal to add it.
I can imagine all kind of nefarious consequences if during a serious emergency miscreants
can take hold
of supplies thanks to communications snooping.
73,
Borja / EA2EKH
11:37 p.m.
Frankly speaking, one should proxy between "on-air" interfaces and the
"Internet/ISP" interface at large. This can still be a 1-to-1 NAT mapping
so to keep IP use within a given 44/8 subnet. But utilizing a proxy
ensures that you as the network operator and licensed operator have the
ability to inspect traffic which when we're talking about public
interconnection *is* necessary as you cannot predict what the public in
this case will do in terms of reply that may be out-of-bounds for the radio
service. This way you can take requests that are HTTPS and by using a MITM
proxy or similar, can inspect or encrypt and if needed, re-encode traffic
going in and out of the radio interface.
On Thu, Dec 16, 2021 at 8:35 AM Borja Marcos via 44Net <
44net(a)mailman.ampr.org> wrote:
On 15 Dec 2021, at 22:09, vk2tv via 44Net
<44net(a)mailman.ampr.org>
wrote:
(c) intercommunications when
participating in
emergency services operations or training exercises related to
emergency
services.
Cool! We don’t have this one and I was actually considering making a
proposal to add it.
I can imagine all kind of nefarious consequences if during a serious
emergency miscreants can take hold
of supplies thanks to communications snooping.
73,
Borja / EA2EKH
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
17 Dec
17 Dec
4:24 a.m.
Hi Don
MITM of HTTPS is no longer really a possibility with modern browsers
through Certificate Transparency, at least not without triggering dire
warnings to the end user. This is even with a rogue CA certificate
voluntarily installed.
See https://certificate.transparency.dev/
Cheers
Tom
On Fri, 17 Dec 2021 at 04:39, Don Fanning via 44Net <44net(a)mailman.ampr.org>
wrote:
Frankly speaking, one should proxy between
"on-air" interfaces and the
"Internet/ISP" interface at large. This can still be a 1-to-1 NAT mapping
so to keep IP use within a given 44/8 subnet. But utilizing a proxy
ensures that you as the network operator and licensed operator have the
ability to inspect traffic which when we're talking about public
interconnection *is* necessary as you cannot predict what the public in
this case will do in terms of reply that may be out-of-bounds for the radio
service. This way you can take requests that are HTTPS and by using a MITM
proxy or similar, can inspect or encrypt and if needed, re-encode traffic
going in and out of the radio interface.
On Thu, Dec 16, 2021 at 8:35 AM Borja Marcos via 44Net <
44net(a)mailman.ampr.org> wrote:
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
On 15 Dec 2021, at 22:09, vk2tv via 44Net
<44net(a)mailman.ampr.org>
wrote:
(c) intercommunications when
participating in
emergency services operations or training exercises related to
emergency
services.
Cool! We don’t have this one and I was actually considering making a
proposal to add it.
I can imagine all kind of nefarious consequences if during a serious
emergency miscreants can take hold
of supplies thanks to communications snooping.
73,
Borja / EA2EKH
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
8 Dec
8 Dec
11 p.m.
Okay so we will leave the over the air regulations part out of the discussion.
What I see is that "secure communications" are mostly dictated by the
user end applications. So I don't feel that it really has anything to
do with ARDC, as technically they just administer the IP space (not
really even the networks). However if you are suggesting best
(secure) practices for interconnecting the proposed points of
presence, then that could be a valid discussion topic, and that would
be best discussed with those on that committee.
There was a good idea, basically an IETF for ham radio a while back,
and it's website or formal name escapes me ( I am sure someone will
chime in). That would likely be a good way to address your concerns.
I feel your idea has to be a concept presented to a number of user and
application software developers.
Steve
On Fri, Dec 3, 2021 at 1:23 PM Kevin Walsh via 44Net
<44net(a)mailman.ampr.org> wrote:
It would be most helpful if the amprnet BOD could post in writing an
official statement regarding using common secure communications (https. TLS
etc.) over the 44. IP network.
This email list is used for communications regarding the use of the IP
address space. I'm not asking about the use of encryption over part 97 RF
radio, just the 44 network IP address space. I am not aware of any portion
of the Part 97 rules that apply to the wired internet at large.
Everyone has an opinion, but it's time for the amprnet Board to clarify the
muddy waters around the use of the amprnet IP space and publish those rules.
Please!
73,
Kevin Walsh
W8KHW
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
13 Dec
13 Dec
10:39 a.m.
Security has many facets - encryption is only one.
For instance, it should be perfectly fine to use one-time passwords to
authenticate and authorise access over-the-air, as there is no
information that is being encrypted or obscured, as long as the actual
information being exchanged is in the clear.
At least this is how I understand it for Canada and the US - I do not
know if this is acceptable world-wide.
We all have to be aware of our local laws and only transmit data that
fits those. This is not easy when interconnecting with the internet,
where most everything is going encrypted these days - and increasing.
- Richard, VE7CVS
On 12/8/21 8:00 PM, Steve L via 44Net wrote:
Okay so we will leave the over the air regulations
part out of the discussion.
What I see is that "secure communications" are mostly dictated by the
user end applications. So I don't feel that it really has anything to
do with ARDC, as technically they just administer the IP space (not
really even the networks). However if you are suggesting best
(secure) practices for interconnecting the proposed points of
presence, then that could be a valid discussion topic, and that would
be best discussed with those on that committee.
There was a good idea, basically an IETF for ham radio a while back,
and it's website or formal name escapes me ( I am sure someone will
chime in). That would likely be a good way to address your concerns.
I feel your idea has to be a concept presented to a number of user and
application software developers.
Steve
1070
days inactive
1084
days old
13 comments
13 participants
participants (13)
-
Borja Marcos -
Don Fanning -
irl@hambsd.org -
Jim MacKenzie -
Kevin Walsh -
Lin Holcomb -
Richard Chycoski -
Rob PE1CHL -
Steve L -
Tim Požar -
Tom M0LTE -
Tony Langdon -
vk2tv