controlling STARTTLS by IP address
Michael Fox
news at mefox.org
Fri Jul 15 08:03:16 UTC 2016
> I'm not a FCC lawyer, just a ham. Seems to me all you could do is "sign"
> messages and not send them if the sign isn't correct. The package itself
> is in plain text.
I'm not sure what the confusion or concern is. The intention is to use
non-plaintext (but technically not encrypted) authentication without TLS
over ham frequencies. Hashed challenge/response auth methods don't violate
the FCC rules. Of course, without TLS encryption, the auth process is not
totally secure. And, yes, the message itself would be in plain text. But
it's the best we can do given the rules. Think of it as packet radio on
steroids.
73,
Michael
N6MEF
More information about the dovecot
mailing list