[aprssig] APRS-IS Passcode alternative: SSL + Certificates, with no data encryption

Javier Henderson javier at kjsl.org
Mon Mar 31 21:44:49 EDT 2014


On Mar 31, 2014, at 5:28 PM, Jason KG4WSV <kg4wsv at gmail.com> wrote:


>> And it would require a
>> centralized database.
> 
> That little aside _is_ the problem.  Who do you trust? Who do you
> trust to keep a list of people that can be trusted?
> 
> For any authentication system to work, someone has to keep a list, and
> then be willing to deal with all the extra work involved in certifying
> everyone on the list.

If we use LotW certificates, we’d be trusting the ARRL. They consider those secure enough to trust them for DXCC credit, so I’m sure we can trust them for this purpose as well.

And in the future, other suitable CA’s could be accepted if they’re ran by equally trusted sources, such as ARRL counterparts in other countries, StartSSL, Verisign, etc.

Hessu OH7LZB did a presentation about all of this at DCC last year, which is available on youtube:

https://www.youtube.com/watch?v=wQxtvvhf4K8

73,
-jav k4jh


More information about the aprssig mailing list