On 16 Sep 2017, at 03:02, Pedja YT9TP yt9tp@uzice.net wrote:
On 15.09.2017 17:51, Chris via 44Net wrote:
I am interested in putting some effort into such a project, it would be of benefit not only to the AMPRNet Portal, but has wider benefits to other areas of Amateur Radio I'm involved in. I was looking a while back at how to validate a user for the Portal with the ultimate goal of issuing certificates similar to LOTW.
I guess that would be far to much work for small population it would target.
It has other uses in other areas of Amateur Radio, but yes, when I looked into the possibilities previously it would take some effort, which is why I wouldn’t take it on on my own.
If you want certification use LOTW. It is meant just for that purpose and they already did all the job. LOTW certification is not complicated because they made it so. It is just if you use certificates, it gets complicated. And LOTW managed to make it as simple as possible.
It may be possible to link to LOTW if they were willing, but setting up our own CA and issuing certificates is not difficult and doesn’t need to be complicated.
It’s the validation bit that’s difficult, for most countries you can’t automate the process, it would need a human being to validate the request. My thoughts were along the lines of establishing and building a web of trust to delegate the work. It’s not just coding effort, it’s social engineering as well.
Chris