[Dxspider-support] Forgeries

Dirk Koopman djk at tobit.co.uk
Tue Mar 11 22:43:38 GMT 2025 

There is no auth scheme that I can think of right now that does not 
involve some kind of secret sharing between nodes. If we are going to go 
down that road then we may as well just do the job properly and start to 
use PKI SSL connections with each node connection pair giving each other 
a PKI pair. We *may* be able to share the public keys around but we will 
need to fiddle about with client PKI certs because each side needs to 
verify the other. But that will result in a separate network of nodes 
that will trust each. Then we will get the howls of protest about all 
those juicy "missing" spots from outside this new (more) secure network.

More knowledgeable information to square this circle gratefully received 
(offline please).

Dirk

On 10/03/2025 19:12, Christopher Schlegel via Dxspider-support wrote:
> Nevermind. Theory, was not well thought out and I keep hitting 
> roadblocks...
>
> Chris, WI3W
>
> On Mon, Mar 10, 2025, 10:06 Christopher Schlegel <sutehk.cs at gmail.com> 
> wrote:
>
>     Dirk,
>
>     How hard would it be to implement a hashed check into the PC92
>     protocol. I.e. I log into WI3W-2, receive a randomly generated
>     number/string used to verify tx/rx between the user and node. Kind
>     of like pub/priv keys but only to generate the check. As long as
>     the check is valid keep the connection, if not, boot it.
>
>     Or, something similar. Spot validation? I'd expect CPU processing
>     to tick up a little, but most machines in use should not choke.
>
>     73,
>
>     Chris, WI3W
>
>
>     On Mon, Mar 10, 2025, 09:45 Mike McCarthy, W1NR via
>     Dxspider-support <dxspider-support at tobit.co.uk> wrote:
>
>         A small number of nodes, yes, but with about 1/4 of the total
>         users of
>         the global cluster network. VE7CC-1 alone has over 800 on any
>         given day.
>
>         On 3/10/2025 8:29 AM, Dirk Koopman via Dxspider-support wrote:
>
>         > Which means that input from the CCluster/ARCluster system would
>         > disappear as they are still using the same protocol as we
>         are and
>         > therefore just as untrusted as anyone else. Their big
>         advantage is that
>         > there are a relatively small group of nodes with an author
>         (or other
>
>         -- 
>         73 de Mike, W1NR
>
>         THAT was the equation. EXISTENCE!... SURVIVAL... must cancel
>         out...
>         programming!
>
>         - Ruk -
>
>
>         _______________________________________________
>         Dxspider-support mailing list
>         Dxspider-support at tobit.co.uk
>         https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
>
>
> _______________________________________________
> Dxspider-support mailing list
> Dxspider-support at tobit.co.uk
> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20250311/05326f86/attachment.htm>

More information about the Dxspider-support mailing list