On Wed, Jan 13, 2016 at 6:25 AM, Brian Kantor <Brian(a)ucsd.edu> wrote:
> The existing portal works fairly
> well for a first cut at making one. Undoubtedly we'll refine it but that
> depends on volunteers to do the design and programming (PHP, Javascript),
> and so far several calls for volunteers have fallen on deaf ears.
This isn't completely true. You can grep the archives for "I'll be
happy to help with the programming" to find at least one offer.
Alternatively, my opinion is that Chris would get more help if the
project were open sourced. Now instead of recruiting volunteers, he
will have contributors. This allows for a lot more flexibility. For
example, a ham in one part of the world is stuck at home on a rainy
weekend is setting up an AMPR system and encounters a bug. Meanwhile,
Chris is enjoying a weekend away from the computer in a part of the
world with more favorable weather. With an open source project, the
first ham can dig around for the bug and send Chris a patch without
any pre-approval. When Chris returns, he can vet the patch before
applying it to the SVN [or whatever technology] repo. This
significantly lowers the bar for volunteers and administration.
If the portal is open sourced, expect a patch from me within the first week.
Tom KD7LXL
Re-validating on a regular/annual basis should be for everyone not
just coordinators and gateway ops. It keeps contact information
current and could also confirm if they wish to keep their netblock
allocation.
Think of it as a subtle reminder to maybe get back on board with
something they may have put off. :
And allows address space to be returned to the pool, and any
associated DNS entries in that address space to be removed as well as
any associated gateways.
I think I might have been the first to ask of the portal project was
going to be open source. My thoughts at the time was it seemed like a
number of regional BGP connected chucks where breaking off and I
figured they may also want to implement a user end kind of portal.
If there are some security by obscurity concerns in its design, then
we just need a github type of thing hosted on 44net so that non hams
are restricted from viewing and submitting to the project.
And even if that doesn't happen for the portal, I think a ham only
github type of thing might be a good idea. A number of ham projects
get picked up and spun by commercial folks. The earliest example is
probably Phil Karn's NOS code. And now a present day example would be
about non licensed folks getting access to modified atheros drivers or
the CS7000 firmware, etc.
Le 12/01/2016 20:00, 44net-request(a)hamradio.ucsd.edu a écrit :
> The original suggestion was that there was a way to bypass simple
> address assignment by automating the process.
No possible i think, because we must verify the real identity of
the persons requesting IPand if this verification is automatic
it will be very easy to pirat the system...
For example if I have a doubt about the person, I phone him to check
the identity. An automatic system can do this.
;o)
Best regards,
Ludovic - F5PBG.
Third ed it..
--Ted Gervais 1464 luxury aveWindsor OntarioN8p0a9
-------- Original message --------
From: ve1jot <ve1jot(a)eastlink.ca>
Date: 2016-01-12 12:00 AM (GMT-05:00)
To: AMPRNet working group <44net(a)hamradio.ucsd.edu>
Subject: Re: [44net] Verifying the identities of IP coordinators
(Please trim inclusions from previous messages)
_______________________________________________
seconded!
On 16-01-10 01:40 PM, Paul Lewis wrote:
> (Please trim inclusions from previous messages)
> _______________________________________________
> Thank you Brian for those kind words
> and also for the work you do and your team in the background support
> for the past 25+ years
> paul g4apl
> In message <20160110145927.GA32116(a)UCSD.Edu>, Brian Kantor
> <Brian(a)UCSD.Edu> writes
>> (Please trim inclusions from previous messages)
>> _______________________________________________
>> There seems to be some confusion here. The discussion was never about
>> verifying the identities of coordinators.
>>
>> The original suggestion was that there was a way to bypass simple
>> address assignment by automating the process.
>>
>> I explained at the time that the coordinators perform a valuable service
>> that can't be automated in any practical way.
>>
>> In fact, many coordinators do far more than assign addresses - they
>> consult with users and provide assistance in getting their stations on
>> the net. Many of the people currently using AMPRNet would not have been
>> able to do so without the help of their local coordinator.
>>
>> I think the coordinators, many of whom have been performing that service
>> for years, deserve a round of thanks from the community. They certainly
>> have my appreciation for their hard work and dedication.
>> - Brian
>>
>> _________________________________________
>> 44Net mailing list
>> 44Net(a)hamradio.ucsd.edu
>> http://hamradio.ucsd.edu/mailman/listinfo/44net
>
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
Id there any SMTP server (mail relay) that can pickup any from
*.ampr.org email adrss or any 44.** IP adtress and can send it to the
outside world ?
If yes what its ip adress ?
Thanks Forward
Ronen - 4Z4ZQ
http://www.ronen.org
> The question of automating address assignment has been looked into;
> about the only way it could be done would be if we had a secure method
> of making sure that the applicant is a bona fide ham radio operator.
> At the moment, the only known automated way of doing this is to use
> Logbook of the World certificates, which greatly restricts the number
> of people who could prove their eligibility and has its own set of
> problems.
Brian,
The problem of knowing who we're corresponding with is as old as the
written word. I feel that PKI provides the best solution available.
I'm not familiar with LOTW, but I know the PKI process well, and I'm
confident that it provides a simpler and more robust solution.
There are, of course, many different ways to implement a secure
process: for the moment, I'll ask that we leave aside the
implementation details and talk about the idea. We could use a secure
web site to give access to coordinators, or restrict ssh access to key
holders, or accept only signed emails: the process is essentially the
same for all.
It boils down to authentication: we can issue private keys to every
coordinator who seeks to use an automated process to issue IP
addresses.
* PGP/GPG users have access to "Keysigning parties" where other
keyholders will verify their meatspace identities by inspecting
their drivers license, passport, etc.
* SSH and SSL users could, in theory, employ the keysigning process to
verify their identity, even though it's not customary. They could
also provide letters from attorneys or ministers or other public
figures, attesting to their identities, in the same manner that
Thawte used to verify X.509 certificates.
Long story short, LOTW isn't the only way to verify an identity. There
are other methods, already implemented and available, which can be
used instead.
Bill, KW4OC
Le 08/01/2016 20:00, 44net-request(a)hamradio.ucsd.edu a écrit :
> Delays of months and years by coordinators continues to be heard
Some coordinators works very slow... For me i validate IP ask in few hours
and sometimes few days (week-end...).
I create a subnet for some friends in order to have an IP more faster
for them
because the coord does not validate the IP.
It will be nice to have an alert to the big admin of ampr.org when a
IP ask
is not validate after two weeks (for example). Then, itwill be nice to
change
the local coordif he does not do his job in ham'spirits conditions...
;o)
Best regards,
Ludovic - Coord 44.151
> Subject:
> Re: [44net] Is someone read the contact us in the portal ?
> From:
> Brian Kantor <Brian(a)UCSD.Edu>
> Date:
> 01/08/2016 06:53 PM
>
> To:
> AMPRNet working group <44net(a)hamradio.ucsd.edu>
>
>
> The question of automating address assignment has been looked into;
> about the only way it could be done would be if we had a secure method
> of making sure that the applicant is a bona fide ham radio operator.
> At the moment, the only known automated way of doing this is to use
> Logbook of the World certificates, which greatly restricts the number of
> people who could prove their eligibility and has its own set of problems.
Also the experience with automation projects is that they often get stranded partly
completed, for all kinds of reasons. The question often is what is better: a working
manual system or a partially finished automated system that does not offer the
flexibility that a manual system has.
(e.g. w.r.t. correcting mistakes, accommodating special situations, handling a large
batch of updates, etc)
Rob
Kind if wondering the status of this myself.
Perhaps the easiest would be to amend the present email robot to ask
for a username and password field (kind of how the old gateways robot
worked) so the end user can edit their own entries?
>Hi there
>How do I update the AMPR.ORG DNS records ?
>The Portal write that the web page that there is a test and records will
>not apear in the real AMPR.ORG zone file
>and the email system i used to sent updates to reply with error
>Please advice
>Thanks Forward
>Ronen - 4Z4ZQ
>http://www.ronen.org
