On Fri, Jun 14, 2024 at 3:30 AM Chris via 44net 44net@mailman.ampr.org wrote:
[snip] 2. In relation to point 1. How do we vet the person requesting access to use an organisation’s call sign? This is really only an issue for US based clubs as the call sign has a trustee listed on the ULS database, but it would seem, that person is not always able/willing/interested in creating an account on the portal to have the call sign verified. This certainly needs more thought.
The ideal situation would be for the trustee to create an account on the portal, verify the call sign, then hand it off to another member in the organisation, i.e. once setup they do not have to be the POC for the call sign - is this really asking too much of someone who has already agreed to be the trustee, which arguably comes with such responsibilities?
This will, of course, be case dependent. In some cases, yes, it really is asking too much. In other cases, no. Should the trustee be involved at all? I would say that yes, they should. Some sort of proactive means for them to acknowledge delegation seems reasonable. But there ought to be a minimally invasive way for them to be, probably one that doesn't involve the portal. Taking a step back and trying to examine it from a holistic standpoint, it's about striking a balance between validating the authority of using the call to prevent abuse, and the bureaucratic hassle involved for the users/trustees.
Merely being a trustee requires very little administrative burden. As I understand it, in the US, it can all be handled via mail through the US postal service; occasionally one sends the equivalent of a postcard to the FCC. That's it. This can obviously be done by nearly anyone, including by folks who are not technical, don't use computers, etc. As has been mentioned, e.g. by AE0JE, such people certainly exist.
And even where folks have the technical expertise to do this, they may have neither the time nor the desire. As I mentioned earlier, I'm pretty much the only one in my club pushing to make use of AMPRNet. No one else particularly cares---I hope they will once they see how some of the cool stuff one can do with it, but we're not there yet. Forcing our callsign trustee to create an account on the portal, presumably going through his own verification process (requiring tickets and so on) all just for him to say, "yes, Dan can use the club's callsign to request an allocation" sounds like a good way to make the project stall indefinitely.
Being the trustee for a callsign does not really confer any additional status on the person; among many clubs it's a minor chore taken on by whatever member who agrees to do it, but the responsibility can be passed around between different people over time. For instance, consider what happens if the trustee moves and leaves the club, or loses interest in radio, or (sadly) becomes an SK? The club doesn't necessarily cease to exist, and the callsign is still perfectly valid, but the trustee responsibility necessarily moves to someone else. This must be accounted for in some way in whatever policy emerges around this.
- Dan C.
In our ARES/RACES organization we'd be interested in having at least 2 people being able to have access to a subdomain. That would enable a backup in case of SK, travel, or whatever issue might arise. Of course sharing a login works also, just a little less secure and harder to manage 2FA.
On Fri, Jun 14, 2024 at 10:40 AM Dan Cross via 44net 44net@mailman.ampr.org wrote:
On Fri, Jun 14, 2024 at 3:30 AM Chris via 44net 44net@mailman.ampr.org wrote:
[snip] 2. In relation to point 1. How do we vet the person requesting access to
use an organisation’s call sign? This is really only an issue for US based clubs as the call sign has a trustee listed on the ULS database, but it would seem, that person is not always able/willing/interested in creating an account on the portal to have the call sign verified. This certainly needs more thought.
The ideal situation would be for the trustee to create an account on the
portal, verify the call sign, then hand it off to another member in the organisation, i.e. once setup they do not have to be the POC for the call sign - is this really asking too much of someone who has already agreed to be the trustee, which arguably comes with such responsibilities?
This will, of course, be case dependent. In some cases, yes, it really is asking too much. In other cases, no. Should the trustee be involved at all? I would say that yes, they should. Some sort of proactive means for them to acknowledge delegation seems reasonable. But there ought to be a minimally invasive way for them to be, probably one that doesn't involve the portal. Taking a step back and trying to examine it from a holistic standpoint, it's about striking a balance between validating the authority of using the call to prevent abuse, and the bureaucratic hassle involved for the users/trustees.
Merely being a trustee requires very little administrative burden. As I understand it, in the US, it can all be handled via mail through the US postal service; occasionally one sends the equivalent of a postcard to the FCC. That's it. This can obviously be done by nearly anyone, including by folks who are not technical, don't use computers, etc. As has been mentioned, e.g. by AE0JE, such people certainly exist.
And even where folks have the technical expertise to do this, they may have neither the time nor the desire. As I mentioned earlier, I'm pretty much the only one in my club pushing to make use of AMPRNet. No one else particularly cares---I hope they will once they see how some of the cool stuff one can do with it, but we're not there yet. Forcing our callsign trustee to create an account on the portal, presumably going through his own verification process (requiring tickets and so on) all just for him to say, "yes, Dan can use the club's callsign to request an allocation" sounds like a good way to make the project stall indefinitely.
Being the trustee for a callsign does not really confer any additional status on the person; among many clubs it's a minor chore taken on by whatever member who agrees to do it, but the responsibility can be passed around between different people over time. For instance, consider what happens if the trustee moves and leaves the club, or loses interest in radio, or (sadly) becomes an SK? The club doesn't necessarily cease to exist, and the callsign is still perfectly valid, but the trustee responsibility necessarily moves to someone else. This must be accounted for in some way in whatever policy emerges around this.
- Dan C.
44net mailing list -- 44net@mailman.ampr.org To unsubscribe send an email to 44net-leave@mailman.ampr.org
I brought that up before. The way I expected it to work was that I could manage a number of different callsigns on behalf of our club or organisation or whatever you want to name it. But I would still login under my own personal account, which would get access to some different callsigns which are then also subdomains of ampr.org.
I do not seem to understand how it is working now. At first I was asked to make an account for our club, but then I need to login using the credentials supplied for that account, and I do not like that. It also causes confusion, because when I make a ticket I get the usual "your ticket has been updated" mail which does not have much info, but when I then click on the link to the ticket I just get "ERROR" and it took a while before I realized that this was becuase the mail was about a ticket for the club, and I cannot access it unless I login "as the club".
Then, there also is the issue of the number of callsigns. Apparently it was envisioned that a club would have a single callsign, and that one could attach that to the club account, and for flexibility it would be allowed to have up to 5 callsigns. But our club has way more than that! We operate several repeaters, and unlike the situation in the US repeaters do not operate under a personal or club callsign, but have a unique callsign per repeater. This even used to be different for the same site on different bands or modes, but that requirement has been lifted by the authorities. So now for new repeaters we can use the same callsign on 2m, 70cm, 23cm, FM, DMR, D-Star, Fusion etc. Before that was not the case so we still hold a lot of callsigns for all permutations of that, and for callsigns that have been changed in the meantime there still are legacy "aliases".
So basically there is a requirement for a "club" (or "organisation" or whatever) that is responsible for maintaining HAM infrastructure, including repeaters etc, and holding a reasonable number of callsigns (5 is too limiting). And it should be possible to make a regular user an admin for the club, so they can perform changes for that club from their user account with their own password and 2FA. There can (and should) be more than one admin for a club, and it should be possible to see which admin made a change, if not immediately in the user interface then at least on query to the ampr.org admin (via a ticket).
(note that I was not suggesting it would have to be that complex. the simple method of having one or more local coordinators who can enter the data as necessary was a lot easier)
Rob
On 2024-06-14 19:49, Dave Koberstein via 44net wrote:
In our ARES/RACES organization we'd be interested in having at least 2 people being able to have access to a subdomain. That would enable a backup in case of SK, travel, or whatever issue might arise. Of course sharing a login works also, just a little less secure and harder to manage 2FA.
I overlooked your previous message. Sounds like a comprehensive proposal.
-- Dave
Sent from my mobile...
On Sat, Jun 15, 2024, 7:33 AM Rob PE1CHL via 44net 44net@mailman.ampr.org wrote:
I brought that up before. The way I expected it to work was that I could manage a number of different callsigns on behalf of our club or organisation or whatever you want to name it. But I would still login under my own personal account, which would get access to some different callsigns which are then also subdomains of ampr.org.
I do not seem to understand how it is working now. At first I was asked to make an account for our club, but then I need to login using the credentials supplied for that account, and I do not like that. It also causes confusion, because when I make a ticket I get the usual "your ticket has been updated" mail which does not have much info, but when I then click on the link to the ticket I just get "ERROR" and it took a while before I realized that this was becuase the mail was about a ticket for the club, and I cannot access it unless I login "as the club".
Then, there also is the issue of the number of callsigns. Apparently it was envisioned that a club would have a single callsign, and that one could attach that to the club account, and for flexibility it would be allowed to have up to 5 callsigns. But our club has way more than that! We operate several repeaters, and unlike the situation in the US repeaters do not operate under a personal or club callsign, but have a unique callsign per repeater. This even used to be different for the same site on different bands or modes, but that requirement has been lifted by the authorities. So now for new repeaters we can use the same callsign on 2m, 70cm, 23cm, FM, DMR, D-Star, Fusion etc. Before that was not the case so we still hold a lot of callsigns for all permutations of that, and for callsigns that have been changed in the meantime there still are legacy "aliases".
So basically there is a requirement for a "club" (or "organisation" or whatever) that is responsible for maintaining HAM infrastructure, including repeaters etc, and holding a reasonable number of callsigns (5 is too limiting). And it should be possible to make a regular user an admin for the club, so they can perform changes for that club from their user account with their own password and 2FA. There can (and should) be more than one admin for a club, and it should be possible to see which admin made a change, if not immediately in the user interface then at least on query to the ampr.org admin (via a ticket).
(note that I was not suggesting it would have to be that complex. the simple method of having one or more local coordinators who can enter the data as necessary was a lot easier)
Rob
On 2024-06-14 19:49, Dave Koberstein via 44net wrote:
In our ARES/RACES organization we'd be interested in having at least 2
people being able to have access to a subdomain. That would enable a backup in case of SK, travel, or whatever issue might arise. Of course sharing a login works also, just a little less secure and harder to manage 2FA. _______________________________________________ 44net mailing list -- 44net@mailman.ampr.org To unsubscribe send an email to 44net-leave@mailman.ampr.org
Hi Rob et al,
We are taking on board these great suggestions. We currently have the following feature requests at the top of the TODO list:
- Allow organisations to “own” call signs as well as individuals; - We can increase the maximum allowed for organisations, as Rob seems to have the most :-) how many would be appropriate? 10 maybe? - Individuals would still have a limit of 5 as I haven’t heard anyone mentioning they have more personal call signs than 5. Unless anyone knows different?
- Allow an individual’s account to be associated with multiple organisations.
@Rob - just FYI - the admin of an organisation is able to add additional users and make them an admin already.
I expect to have the first point completed by the end of this coming week, then I will make a start on the second point.
These discussions are really useful, so thanks to everyone that has contributed, keep the suggestions coming.
73, Chris - G1FEF — ARDC Administrator
Web: https://www.ardc.net
On 15 Jun 2024, at 15:32, Rob PE1CHL via 44net 44net@mailman.ampr.org wrote:
I brought that up before. The way I expected it to work was that I could manage a number of different callsigns on behalf of our club or organisation or whatever you want to name it. But I would still login under my own personal account, which would get access to some different callsigns which are then also subdomains of ampr.org.
I do not seem to understand how it is working now. At first I was asked to make an account for our club, but then I need to login using the credentials supplied for that account, and I do not like that. It also causes confusion, because when I make a ticket I get the usual "your ticket has been updated" mail which does not have much info, but when I then click on the link to the ticket I just get "ERROR" and it took a while before I realized that this was becuase the mail was about a ticket for the club, and I cannot access it unless I login "as the club".
Then, there also is the issue of the number of callsigns. Apparently it was envisioned that a club would have a single callsign, and that one could attach that to the club account, and for flexibility it would be allowed to have up to 5 callsigns. But our club has way more than that! We operate several repeaters, and unlike the situation in the US repeaters do not operate under a personal or club callsign, but have a unique callsign per repeater. This even used to be different for the same site on different bands or modes, but that requirement has been lifted by the authorities. So now for new repeaters we can use the same callsign on 2m, 70cm, 23cm, FM, DMR, D-Star, Fusion etc. Before that was not the case so we still hold a lot of callsigns for all permutations of that, and for callsigns that have been changed in the meantime there still are legacy "aliases".
So basically there is a requirement for a "club" (or "organisation" or whatever) that is responsible for maintaining HAM infrastructure, including repeaters etc, and holding a reasonable number of callsigns (5 is too limiting). And it should be possible to make a regular user an admin for the club, so they can perform changes for that club from their user account with their own password and 2FA. There can (and should) be more than one admin for a club, and it should be possible to see which admin made a change, if not immediately in the user interface then at least on query to the ampr.org admin (via a ticket).
(note that I was not suggesting it would have to be that complex. the simple method of having one or more local coordinators who can enter the data as necessary was a lot easier)
Rob
On 2024-06-14 19:49, Dave Koberstein via 44net wrote:
In our ARES/RACES organization we'd be interested in having at least 2 people being able to have access to a subdomain. That would enable a backup in case of SK, travel, or whatever issue might arise. Of course sharing a login works also, just a little less secure and harder to manage 2FA.
44net mailing list -- 44net@mailman.ampr.org To unsubscribe send an email to 44net-leave@mailman.ampr.org
On Sat, Jun 15, 2024 at 12:24 PM Chris via 44net 44net@mailman.ampr.org wrote:
We are taking on board these great suggestions. We currently have the following feature requests at the top of the TODO list:
- Allow organisations to “own” call signs as well as individuals;
- We can increase the maximum allowed for organisations, as Rob seems to have the most :-) how many would be appropriate? 10 maybe?
Reading between the lines of Rob's post, it sounds like this could be an almost arbitrary number.
From a technical perspective, I wonder why there has to be a limit at all? Couldn't this just be done with a join table that maps callsigns to users and/or organizations, using an OID or something to uniquely identify the latter? I know nothing about the structure of the database used by the portal, however, so I freely admit that I'm speculating.
- Individuals would still have a limit of 5 as I haven’t heard anyone mentioning they have more personal call signs than 5. Unless anyone knows different?
What are the use cases for an individual having multiple call signs? I can think of two.
First, a user who holds calls from multiple licensing authorities. For example, it's not too uncommon for US amateurs to have callsigns issued by OfCom in the UK, or by the Canadian licensing authorities, etc. I suppose the number someone has is a function of how industrious and how much of a traveler they are.
Second, a user who has changed their callsign, either due to a license upgrade or acquisition of a "vanity" callsign. One imagines that the user would like some kind of grace period to transfer things from the old to the new. In any case, I can't imagine there would be too many such callsigns at any given time.
A third category bears mentioning: in the US, an individual gets a callsign per _service_; I don't know, but I imagine other countries could do something similar. For example, the FCC gives different call signs for amateur radio and GMRS. But I don't think that's particularly relevant, since AMPRNet is specific to amateur radio, which falls under the umbrella of the amateur service here. I suppose one could want to annotate that in an informational field in the portal ("also licensed as xyz123 on GMRS..."), but I imagine that would fall under a different rubric.
- Allow an individual’s account to be associated with multiple organisations.
Yay!
@Rob - just FYI - the admin of an organisation is able to add additional users and make them an admin already.
I expect to have the first point completed by the end of this coming week, then I will make a start on the second point.
These discussions are really useful, so thanks to everyone that has contributed, keep the suggestions coming.
Great.
- Dan C.
On 2024-06-15 21:51, Dan Cross via 44net wrote:
On Sat, Jun 15, 2024 at 12:24 PM Chris via 44net 44net@mailman.ampr.org wrote:
We are taking on board these great suggestions. We currently have the following feature requests at the top of the TODO list:
- Allow organisations to “own” call signs as well as individuals;
- We can increase the maximum allowed for organisations, as Rob seems to have the most :-) how many would be appropriate? 10 maybe?
Reading between the lines of Rob's post, it sounds like this could be an almost arbitrary number.
From a technical perspective, I wonder why there has to be a limit at all? Couldn't this just be done with a join table that maps callsigns to users and/or organizations, using an OID or something to uniquely identify the latter? I know nothing about the structure of the database used by the portal, however, so I freely admit that I'm speculating.
I agree with that. I would think that with the usual database design, there would be no real limit on the number of callsigns for a user or organisation. Callsigns just have to be in a different table, joined to the user table on user ID and with some extra key for the callsigns that would just be a sequence number. I hope it is not implemented as callsign1..callsign5 fields in the user table...
I can understand that some limit is set to the number of callsigns per user or organisation just to prevent abuse or mishaps, but not because adding additional callsigns would require changes in the code. When this limit is really wanted, it would be a field in the user or organisation record that is initialized to some value (like 5) and it can be requested to set this higher when the need arises.
I think for our club (Hobbyscoop), 10 callsigns would be enough to squeeze the currently active callsigns in, because some have changed after the rules changed. We used to have different callsigns on everything, e.g. PI2xxx for 70cm repeaters, PI3xxx for 2m repeaters, PI6xxx for SHF repeaters, PI1xxx for digital voice modes, PI8xxx for data, etc etc but now we can use PI1xxx for everything. And as the registration fee is per callsign, we are migrating towards that. However, I think to accomodate everything we have used, 10 would not be enough. 20 would be.
- Individuals would still have a limit of 5 as I haven’t heard anyone mentioning they have more personal call signs than 5. Unless anyone knows different?
What are the use cases for an individual having multiple call signs? I can think of two.
First, a user who holds calls from multiple licensing authorities. For example, it's not too uncommon for US amateurs to have callsigns issued by OfCom in the UK, or by the Canadian licensing authorities, etc. I suppose the number someone has is a function of how industrious and how much of a traveler they are.
Second, a user who has changed their callsign, either due to a license upgrade or acquisition of a "vanity" callsign. One imagines that the user would like some kind of grace period to transfer things from the old to the new. In any case, I can't imagine there would be too many such callsigns at any given time.
Indeed that is correct. We can change callsign whenever we like, and previous callsigns will remain bound to our identity and will not be issued to others. So I could change from PE1CHL to PE1CH and when after a while I don't like that I can go back to PE1CHL. (this is a callsign from the days when they were issued sequentially, but some 20 years ago a new system was implemented where one can just pick any available callsign. Many Dutch hams who picked 4-character callsigns e.g PE1C then in actual use noticed that it was not as convenient as they thought it would be, and changed back or picked a 5-character one)
Anyway, I think the limit of 5 should not be that strict. With a reasonable database design it could be made settable per user or organisation, in case they hit the limit and want to exceed it for a reasonable purpose.
Rob
This sounds similat to Australian clubs, which may have multiple callsigns under their administration. Firstly, there's often a club callsign, which is used for club nets, special events, sometimes contest and field day stations operated as a club. And like your situation, repeaters have their own callsigns, typically one per site.
I can see this ending up similar to domains, where club and other "special" subdomains have multiple contacts, similar to what you have when you register a domain - administrative contact, technical contact, etc. Individual callsign subdomains simply become a special case where all those contacts are the same person (ie callsign holder), which is obviously a lot less administrative overhead.
Over here in Australia, we also have to deal with the fallout of major administrative changes where non assigned amateur stations (basically everything except repeaters and beacons, which have frequencies assigned to them at specific sites) no longer have individual licences and operate under a class licence, provided the operator has amateur qualifications and an allocated callsign. The issue is for some of us, proving we're qualified is still not easy, as existing licence holders like myself didn't receive a formal certificate when we transitioned to the new system. All we got is an email from the ACMA stating our qualifications and allocated callsigns that carried over from the individual licences.
On 16/6/24 12:32 am, Rob PE1CHL via 44net wrote:
I brought that up before. The way I expected it to work was that I could manage a number of different callsigns on behalf of our club or organisation or whatever you want to name it. But I would still login under my own personal account, which would get access to some different callsigns which are then also subdomains of ampr.org.
I do not seem to understand how it is working now. At first I was asked to make an account for our club, but then I need to login using the credentials supplied for that account, and I do not like that. It also causes confusion, because when I make a ticket I get the usual "your ticket has been updated" mail which does not have much info, but when I then click on the link to the ticket I just get "ERROR" and it took a while before I realized that this was becuase the mail was about a ticket for the club, and I cannot access it unless I login "as the club".
Then, there also is the issue of the number of callsigns. Apparently it was envisioned that a club would have a single callsign, and that one could attach that to the club account, and for flexibility it would be allowed to have up to 5 callsigns. But our club has way more than that! We operate several repeaters, and unlike the situation in the US repeaters do not operate under a personal or club callsign, but have a unique callsign per repeater. This even used to be different for the same site on different bands or modes, but that requirement has been lifted by the authorities. So now for new repeaters we can use the same callsign on 2m, 70cm, 23cm, FM, DMR, D-Star, Fusion etc. Before that was not the case so we still hold a lot of callsigns for all permutations of that, and for callsigns that have been changed in the meantime there still are legacy "aliases".
So basically there is a requirement for a "club" (or "organisation" or whatever) that is responsible for maintaining HAM infrastructure, including repeaters etc, and holding a reasonable number of callsigns (5 is too limiting). And it should be possible to make a regular user an admin for the club, so they can perform changes for that club from their user account with their own password and 2FA. There can (and should) be more than one admin for a club, and it should be possible to see which admin made a change, if not immediately in the user interface then at least on query to the ampr.org admin (via a ticket).
(note that I was not suggesting it would have to be that complex. the simple method of having one or more local coordinators who can enter the data as necessary was a lot easier)
Rob
On 2024-06-14 19:49, Dave Koberstein via 44net wrote:
In our ARES/RACES organization we'd be interested in having at least 2 people being able to have access to a subdomain. That would enable a backup in case of SK, travel, or whatever issue might arise. Of course sharing a login works also, just a little less secure and harder to manage 2FA.
44net mailing list -- 44net@mailman.ampr.org To unsubscribe send an email to 44net-leave@mailman.ampr.org
-
Chris -
Dan Cross -
Dave Koberstein -
Rob PE1CHL -
Tony Langdon