15 Sep
2017
15 Sep
'17
3:56 p.m.
Sounds like a great proposal.
If you need help, count me in
Or if anyone is wanting to try and set some thing up, maybe just as a poc, I would be glad
to help
Ruben - ON3RVH
On 15 Sep 2017, at 20:30, Rob Janssen <pe1chl(a)amsat.org> wrote:
A private, ham
only OpenID server? that should provide authentication
as well as authorization for assorted servers. Make it stand alone &
not tied to any particular service like amprnet or echolink or LOTW.
make it freely accessible to anyone who wants to authenticate a ham
anywhere.
Yes, that is the basic idea, but it should not be limited to website usage
and it should be possible to retrieve attributes such as "is this a verified
licensed hamradio operator". The user list could contain outsiders,
unverified hams and verified hams, and the facilities available to them could
be different. E.g. a user who is not a verified ham would not be able to use an
Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password
authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates
for use in services where that is appropriate.
The PKI design has to be careful, with some attention to detail a lot of
mishaps can be avoided. This requires expertise in the matter.
Rob
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net