Re: PGP Key ring key problem


k9dc
 

On Jan 12, 2020, at 00:33, Richard Hyde <@KE4GJG> wrote:

Yep... It would be nice to have been notified... Instead of your repeater going down in the middle of an emergency EOC net…
Crossover links into IRLP from other networks have always been prohibited by IRLP policy, unless done at a Reflector. So you should not have been surprised.

The problem caused by the HAMvoip package was that it allowed folks from non-IRLP networks to dial in to IRLP. This in effect, reduced the effectiveness of our security policy. Also many of the non-IRLP networks had policies inconsistent with the RF-required end-point policy of IRLP. The EchoIRLP package for example, was designed to allow node participation in both the IRLP and Echolink networks, yet was specifically designed to prevent Echolink stations to enter the IRLP Network (and vice versa).

At the same time some Reflectors were modified to also be Echolink Conference bridges. Unfortunately that has fallen from favor a bit because now Echolink charges an annual fee to operate a conference bridge.

HAMvoip also seems to have created an informal network of passing around IRLP Boards so folks could surreptitiously obtain keys without buying the IRLP hardware. Then harvesting the PGP keys for use in an unauthorized software package such as HAMvoip.

We have been aware of this activity for quite some time (couple of years), but we kind of hoped it would go away and not cause any problems, or not be that popular. Unfortunately we have begun to receive complaints from Reflector admins about possible mis-use of the network. Therefore an automated routine was created to scan the network and identify nodes running the HAMvoip package, and remove those keys.

We are also working on a method of connecting Allstar Link conferences and designated IRLP Reflectors together in the network, much like the way Echolink Conferences and IRLP Reflectors are shared today. I am not sure that will come to pass, but it may be easier than we think. Stay tuned.

-k9dc

Join IRLP@irlp.groups.io to automatically receive all group messages.