I like the concept of setting up an OpenID system. I also believe this
is a role that the larger AMPR group could do for the global amateur
radio community and give the group a larger purpose. Stepping into the
details a bit, I believe that OpenID requires an active network
connection to function. I don't think that will work in supporting
isolated networks, slow networks, or partially broken networks. Compare
that to say an X.509 certificate system (like what LOTW uses) which can
support offline validation. If we were to approach this project, I
think we'd need:
- Identify the use cases we want to solve: access to networks,
access to hosts/applications (BBSes, maybe Echolink, Dstar, whatever)
that are online, occasionally offline, completely offline. Are any of
these networks using amateur radio frequencies that cannot support
encryption? How do we solve that situation? Can we get exceptions from the
various governing bodies to allow it (ITU, FCC, etc)? Are there any
options here to provide strong and secure authentication over amateur RF
networks or must we only use the Internet?
- Identify a working community of people who are interested either
in working on the technical aspects or the validation aspects of the
solution. I do agree we should try to get the larger amateur radio
bodies involved (IARU, RSGB, ARRL, etc -
https://en.wikipedia.org/wiki/List_of_amateur_radio_organizations ).
That will take a LOT of time but I don't think it will block any
specific progress.
- Identify the workflows for each of those use cases - would be best
to delegate different use cases to those people who both need them and
have a passion to get them solved.
- Determine how to securely create a mesh of authentication nodes
worldwide
- Create some policies around these nodes on creation, maintenance,
security, auditing policies, etc.

I imagine some people might think there are a lot of bureaucratic steps
in there and I agree. The reality is that we need to find a common
point where everyone can both agree and maybe leverage existing systems
(LOTW, etc) if deemed acceptable. HAM radio seems to naturally gather
into little fiefdoms which would dilute and/or break the utility of a
global authentication system like this. This team will have to
constantly work to keep it cohesive and functional.
--David
KI6ZHD