A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website usage and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able to use an Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
Sounds like a great proposal. If you need help, count me in Or if anyone is wanting to try and set some thing up, maybe just as a poc, I would be glad to help
Ruben - ON3RVH
On 15 Sep 2017, at 20:30, Rob Janssen pe1chl@amsat.org wrote:
A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website usage and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able to use an Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
Ok so this is interesting in one way, but thinking of this like a business no in a profit context, but in a customer context. Is there really a demand for this service. Those of you that are anti Facebook ect maybe don't understand that groups like this exist in massive numbers in the social media sphere. Examples:
Ham Radio Operators 19,833 members 100watts and a wire FB group 8,105 Amateur Radio QRP 9,105 Amateur Radio UK 5,900 Amateur Radio 18,130 Fox Tango 3,487
My point/though is this idea just inventing a really great buggy whip while everyone is driving cars?
Devils advocate
Lin N4YCI
On Fri, Sep 15, 2017 at 2:30 PM Rob Janssen pe1chl@amsat.org wrote:
A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website usage and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able to use an Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
I've been running a NNTP server ((ve3cgr.ampr.org) 44.135.92.10)) on my JNOS for quite some time. Is there a demand? No, but I had fun setting it up. Ron VE3CGR
On 9/15/2017 4:52 PM, Lin Holcomb wrote:
Ok so this is interesting in one way, but thinking of this like a business no in a profit context, but in a customer context. Is there really a demand for this service. Those of you that are anti Facebook ect maybe don't understand that groups like this exist in massive numbers in the social media sphere. Examples:
Ham Radio Operators 19,833 members 100watts and a wire FB group 8,105 Amateur Radio QRP 9,105 Amateur Radio UK 5,900 Amateur Radio 18,130 Fox Tango 3,487
My point/though is this idea just inventing a really great buggy whip while everyone is driving cars?
Devils advocate
Lin N4YCI
On Fri, Sep 15, 2017 at 2:30 PM Rob Janssen pe1chl@amsat.org wrote:
A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website usage and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able to use an Echolink-like service, but they could read and contribute to a mailinglist.
The service should offer some different APIs, e.g. RADIUS for user/password authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
If your having fun thatbia all that counts
On Fri, Sep 15, 2017 at 5:09 PM Ron Gibson ve3cgr@sympatico.ca wrote:
I've been running a NNTP server ((ve3cgr.ampr.org) 44.135.92.10)) on my JNOS for quite some time. Is there a demand? No, but I had fun setting it up. Ron VE3CGR
On 9/15/2017 4:52 PM, Lin Holcomb wrote:
Ok so this is interesting in one way, but thinking of this like a
business
no in a profit context, but in a customer context. Is there really a
demand
for this service. Those of you that are anti Facebook ect maybe don't understand that groups like this exist in massive numbers in the social media sphere. Examples:
Ham Radio Operators 19,833 members 100watts and a wire FB group 8,105 Amateur Radio QRP 9,105 Amateur Radio UK 5,900 Amateur Radio 18,130 Fox Tango 3,487
My point/though is this idea just inventing a really great buggy whip
while
everyone is driving cars?
Devils advocate
Lin N4YCI
On Fri, Sep 15, 2017 at 2:30 PM Rob Janssen pe1chl@amsat.org wrote:
A private, ham only OpenID server? that should provide authentication as well as authorization for assorted servers. Make it stand alone & not tied to any particular service like amprnet or echolink or LOTW. make it freely accessible to anyone who wants to authenticate a ham anywhere.
Yes, that is the basic idea, but it should not be limited to website
usage
and it should be possible to retrieve attributes such as "is this a verified licensed hamradio operator". The user list could contain outsiders, unverified hams and verified hams, and the facilities available to them could be different. E.g. a user who is not a verified ham would not be able
to
use an Echolink-like service, but they could read and contribute to a
mailinglist.
The service should offer some different APIs, e.g. RADIUS for
user/password
authentication and maybe something like OpenID for website logon.
When a user has a valid account, he should be able to obtain client certificates for use in services where that is appropriate. The PKI design has to be careful, with some attention to detail a lot of mishaps can be avoided. This requires expertise in the matter.
Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
Lin;
On Fri, 2017-09-15 at 20:52 +0000, Lin Holcomb wrote:
Ok so this is interesting in one way, but thinking of this like a business no in a profit context, but in a customer context. Is there really a demand for this service.
I say there is. *We* (as in hams) have total ownership of the current mailman list and BK does a fine job with maintaining it as Chris does with the amprnet portal.
Those of you that are anti Facebook ect maybe don't understand that groups like this exist in massive numbers in the social media sphere.
Me personally, I'm against UNsocial media period, and I won't touch it and to suggest for anyone to be forced to use it I find quite offensive in nature.
Examples:
Ham Radio Operators 19,833 members 100watts and a wire FB group 8,105 Amateur Radio QRP 9,105 Amateur Radio UK 5,900 Amateur Radio 18,130 Fox Tango 3,487
When you view those numbers and compare them to the number of licensed hams world wide, I think you'll find that to be an extremely small number.
My point/though is this idea just inventing a really great buggy whip while everyone is driving cars?
What we have now I find to be a smooth sailing as taking a sunday drive in a Bentley where-as having to use a browser and a dis-service such as DeFacebook with any browser loaded with what I consider as bloatware (and most quite insecure) equal to driving through Manhattan NY during traffic hour in a VW Beetle with 8 people inside.
Devils advocate
Thanks for that. Ever google: facebook law suits ?? This NOT a company I support.
... just my $0.02 back at ya :)
Pedja;
On Sat, 2017-09-16 at 04:53 +0200, Pedja YT9TP wrote:
On 16.09.2017 03:00, Brian wrote:
Ever google: facebook law suits ?? This NOT a company I support.
But you do google
It was just a word to define online searching, I actually use duckduckgo
, and Google is even more evil than Facebook :) Especially if you use Chrome.
I refuse to use Chrome. I even rooted my phone to delete it and most other google apps/services. I'd run ubuntu phone if it would work with the carriers and our phones here.
In the 1996 Pactor forum I was quoted as saying: N1URO, calls Internet "the 11 meters of computing" deFacebook, Google, InstaGrudge, etc all have glorified that quote.
On 16/09/2017 6:52 AM, Lin Holcomb wrote:
Ok so this is interesting in one way, but thinking of this like a business no in a profit context, but in a customer context. Is there really a demand for this service. Those of you that are anti Facebook ect maybe don't understand that groups like this exist in massive numbers in the social media sphere. Examples:
But does it matter? We're in this for our own enjoyment. I run dialup style BBSs (albeit on telnet/SSH, instead of dialup modem). I'm my main user, not worried whether others join, but I'm having a lot of fun doing it. :) And people can have a look at freeway.apana.org.au (port 23 for telnet, 222 for SSH). I recomment using dedicated terminal programs like SyncTerm, NetRunner or Qodem (some of these are available for multiple OSs). The BBS sysop community has had similar discussions in recent times on our networks. Conclusion: as long as we're having fun, that's all that matter. :)
-
Brian -
Lin Holcomb -
Pedja YT9TP -
Rob Janssen -
Ron Gibson -
Ruben ON3RVH -
Tony Langdon