Sounds like a great proposal. If you need help, count me in Or if anyone is wanting to try and set some thing up, maybe just as a poc, I would be glad to help
Ruben - ON3RVH
On 15 Sep 2017, at 20:30, Rob Janssen pe1chl@amsat.org wrote:
A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website usage and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able to use an Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net