> Are you 100% sure your interpretation of the FCC rules is correct?Yes> Do you really want passwords going out over RF unencrypted?No. I don't plan to use plaintext auth methods.> As far as I know, only ham bands are not allowed to use encryption. Even > baby monitors these days are DECT. (Mind you, not good encryption.)Correct. It is ham radio. Michael
I'm not a FCC lawyer, just a ham. Seems to me all you could do is "sign" messages and not send them if the sign isn't correct. ?The package itself is in plain text.? Anyway, I'll leave the thread but would like to hear about the final solution. ? Original Message ? From: Michael Fox Sent: Thursday, July 14, 2016 2:54 PM To: 'Dovecot Mailing List' Subject: RE: controlling STARTTLS by IP address> Are you 100% sure your interpretation of the FCC rules is correct?Yes> Do you really want passwords going out over RF unencrypted?No. I don't plan to use plaintext auth methods.> As far as I know, only ham bands are not allowed to use encryption. Even > baby monitors these days are DECT. (Mind you, not good encryption.)Correct. It is ham radio. Michael
> I'm not a FCC lawyer, just a ham. Seems to me all you could do is "sign" > messages and not send them if the sign isn't correct. ?The package itself > is in plain text.I'm not sure what the confusion or concern is. The intention is to use non-plaintext (but technically not encrypted) authentication without TLS over ham frequencies. Hashed challenge/response auth methods don't violate the FCC rules. Of course, without TLS encryption, the auth process is not totally secure. And, yes, the message itself would be in plain text. But it's the best we can do given the rules. Think of it as packet radio on steroids. 73, Michael N6MEF