- I've got the authentication list mechanism implemented now. I'll probably
upload it tomorrow - it needs a new version of the config program to avoid
having the list wiped out every time you modify the configuration there.
The syntax is as follows:
AUTHLIST prints current list
AUTHLIST +callsign adds callsign to list
AUTHLIST -callsign removes callsign from list
AUTHLIST NONE erases list
I've been considering implementing two access levels, but at this point I
don't think it's worth it. There shouldn't be many authorized users, and
generally you're either going to trust them or not. I can see where it
might be useful to allow public access to certain things, though. But I
don't want to get into maintaining an access list for each command...
I've got a pretty good idea of how I'm going to implement the strong
authentication format, but I'm still working out the intermediate one. A
session logon where you only have to authenticate once and can issue
commands over maybe a 5-minute period would be convenient, but it would
leave you open to spoofing - someone could wait for you to start a session
and then inject a command that appeared to come from your station.
Maybe it's good enough for what it needs to do, though. The truly paranoid
will still have another option.