[Feature Request]: Only allow empty keys for nodes that are set as a licensed user #5700

Open
garthvh opened this issue Dec 30, 2024 · 6 comments
Labels
enhancement New feature or request

@garthvh
Member

garthvh commented Dec 30, 2024

Platform

Cross-Platform

Description

Right now we allow users who are not licensed users to set empty keys for channels when they are not in licensed user mode. We should restrict empty keys to only licensed users so that Hams do not have to be concerned with potentially rebroadcasting messages sent from unlicensed users.

@garthvh garthvh added the enhancement New feature or request label Dec 30, 2024
@mepholic

I think this is suggesting that non-HAM licensed nodes should not be allowed to use blank keys, or be able to send completely unencrypted traffic. It seems like this is being proposed as a "solution" for HAMs who are worried about digipeating traffic originating from nodes run by unlicensed operators.

I do not think that usage of encryption should be used as a heuristic to decide whether or not the traffic originated from a HAM operator or not, and in addition to this, nothing stops someone from lying about their licensing status. If the purpose of this feature request is to allow a HAM operator to selectively rebroadcast traffic from other HAM operators only, another field should probably be added to the packets to indicate station license status, and then an option should be added to the Rebroadcast Mode dropdown for "only packets from licensed stations", or something like that.

@mepholic

I had some additional musings in Discord, which I'll include here:

> is anyone here familiar with the technical aspects of the LoTW PKI? would it be possible to sign meshtastic frames with your callsign cert and have others be able to verify the signature?
>
> if that is possible, one disadvantage of it would be that it would put ham verification authority for meshtastic users pretty much solely in the hands of the ARRL, but on the flip side, their direct mail authorization and the technical aspects of the PKI would allow folks to be fairly certain that signed packets are from actual hams, and in addition to that, many hams already have LoTW certs

@mepholic

mepholic commented Dec 31, 2024

I've given this some more thought, and I realized that requiring encryption on unlicensed traffic means that Meshtastic would be outright illegal to use in jurisdictions that ban encryption, unless users in those jurisdictions turn on licensed operator mode, which in turn just enables even more foot guns. Is this really a good solution? 🤔

I generally think that being explicit in protocol design is a whole lot clearer and more flexible in the long term than being implicit.

Making the implicit assumption that all unencrypted traffic is and always will be licensed traffic, and all encrypted traffic is and always will be unlicensed traffic is a vague and seemingly arbitrary decision from a protocol design standpoint. It creates limitations on what is possible with the protocol in the future once implemented, and is not nearly as flexible as just adding a flag to packets that indicate whether the originating node is licensed or not.

@dm5tt

dm5tt commented Dec 31, 2024

Isn't there an option to still use some kind of cryptographic signing in Meshtastic without encryption enabled? Encryption in ham radio is forbidden globally - signing is not. This still would solve a lot of real world problems.
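
Added example, not part of the thread and not Meshtastic code: a relay policy that trusts a self-asserted "licensed" flag (as proposed earlier in the thread) next to one that verifies a signature over a cleartext frame (as asked about in the comment above). The `Frame` layout, the placeholder callsign `N0CALL`, the choice of Ed25519 and the relay's trusted-key map are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Frame is a hypothetical cleartext packet, not the Meshtastic wire format.
type Frame struct {
	Callsign string // claimed sender identity
	Licensed bool   // self-asserted flag; any sender can set it
	Payload  []byte // sent in the clear, never encrypted
	Sig      []byte // Ed25519 signature over callsign and payload
}

// signedBytes is the byte string the signature covers.
func signedBytes(f Frame) []byte {
	return append([]byte(f.Callsign+"\x00"), f.Payload...)
}

// Sign attaches a signature; the payload stays readable by everyone.
func Sign(f Frame, priv ed25519.PrivateKey) Frame {
	f.Sig = ed25519.Sign(priv, signedBytes(f))
	return f
}

// RelayByFlag rebroadcasts whatever claims to be licensed.
func RelayByFlag(f Frame) bool { return f.Licensed }

// RelayBySignature rebroadcasts only frames that verify under the key
// the relay already trusts for the claimed callsign.
func RelayBySignature(f Frame, trusted map[string]ed25519.PublicKey) bool {
	pub, ok := trusted[f.Callsign]
	return ok && ed25519.Verify(pub, signedBytes(f), f.Sig)
}

// Demo runs both policies over constructed frames and returns the decisions.
func Demo() (flagSpoof, sigSpoof, sigGenuine, sigTampered bool) {
	pub, priv, _ := ed25519.GenerateKey(nil) // licensed operator's key
	_, other, _ := ed25519.GenerateKey(nil)  // key the relay does not trust
	trusted := map[string]ed25519.PublicKey{"N0CALL": pub}
	base := Frame{Callsign: "N0CALL", Licensed: true, Payload: []byte("hello mesh")}
	genuine, spoof := Sign(base, priv), Sign(base, other)
	tampered := genuine
	tampered.Payload = []byte("hello MESH")
	return RelayByFlag(spoof), RelayBySignature(spoof, trusted),
		RelayBySignature(genuine, trusted), RelayBySignature(tampered, trusted)
}

func main() { fmt.Println(Demo()) }
```

The flag policy relays the frame signed with an untrusted key, while the signature policy relays only the genuine frame and drops both the wrongly signed and the modified one.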

@thebentern
Contributor

thebentern commented Jan 1, 2025

> I've given this some more thought, and I realized that requiring encryption on unlicensed traffic means that Meshtastic would be outright illegal to use in jurisdictions that ban encryption, unless users in those jurisdictions turn on licensed operator mode, which in turn just enables even more foot guns. Is this really a good solution? 🤔

Areas that do not allow any encryption may be an even smaller audience of meshtastic usage than licensed mode users. I have not seen any examples of folks contending with it. I suspect most individuals subject to those restrictions just pick a lora region (illegally) and hang out on the defaults or don't use meshtastic at all.

@SpudGunMan

SpudGunMan commented Jan 4, 2025

It's also very easy to exploit this keyless nature.

Crazy idea 🥔 what about some base key where its key=Licensed:Callsign with a very reversible hash, which is the encryption but it's not?

There needs to be a way to route these packets effectively over all networks to make this enjoyable and help in its emergency use.

And not be exploitable: why wouldn't everyone use nokey if the ham infrastructure is built robust in an area, or to bypass duty cycle limits?
