16 Sep
2017
16 Sep
'17
5:33 a.m.
On 16/09/2017 5:50 PM, G1FEF via 44Net wrote:
It may be possible to link to LOTW if they were
willing, but setting up our own CA and issuing certificates is not difficult and doesn’t
need to be complicated.
Yep, done it for the likes of OpenVPN networks, where I was
the sole CA
for all links. That meant I could personally validate every connection
as being authorised to access our network. The issuing of certificates
is a dead simple process.
It’s the validation bit that’s difficult, for most countries you can’t automate the
process, it would need a human being to validate the request. My thoughts were along the
lines of establishing and building a web of trust to delegate the work. It’s not just
coding effort, it’s social engineering as well.
Yep, it's deciding how much
trust you need, then ensuring you have a web
that provides the level of trust appropriate. And each country is
different. Australia no longer issues paper licenses by default, would
a PDF downloaded off the Internet be acceptable? These are the
questions that must be resolved by the validating CA. I do like the way
the US hams are validated by LoTW (by mail to the registered contact
address), I think that would work here too now. But you've hit the nail
on the head, it's the human/social stuff that is very hard when it comes
to setting up validation. The technology is simple. :)
--
73 de Tony VK3JED/VK3IRL
http://vkradio.com