15 Jul
2016
15 Jul
'16
11:03 a.m.
I'm not a FCC lawyer, just a ham. Seems to me all you could do is "sign" messages and not send them if the sign isn't correct. The package itself is in plain text.
I'm not sure what the confusion or concern is. The intention is to use non-plaintext (but technically not encrypted) authentication without TLS over ham frequencies. Hashed challenge/response auth methods don't violate the FCC rules. Of course, without TLS encryption, the auth process is not totally secure. And, yes, the message itself would be in plain text. But it's the best we can do given the rules. Think of it as packet radio on steroids.
73, Michael N6MEF