Friday, May 31, 2013

A modern ham outlet and open ham authentication

I am very happy to see that Gigaparts has Arduino and the Raspberry Pi available from their online store. They also have Ubiquiti gear.

So let say you want to offer a service to hams, and only hams. How do you verify they are hams? Perhaps you are creating VOIP network, with Asterisk, like Allstar. Or maybe you want to offer a dynamic dns service only to hams or, maybe some web hosting.

It can be a major pain to manage an user account database for thousands of hams and check if your users around the Internet are, in fact, licensed.

It turns out that ARRL's Logbook of the World has already given out cryptographic X.509 certificates to 57334 amateur users, after verifying their license status against the FCC database (they send a postcard with a random token code to the FCC-listed snail-mail address to make sure they give the certificate to the right guy) or after looking at a paper photocopy of a license + a photo ID.
If your registered with LoW, it's not to hard to extract your certificate. This could be used for any number of authentication purposes. One big one comes to mind. Repeater frequency coordination.
Seems this is still done by mailing reminder renewals, and signing and mailing back. If only there was a way to modernize this, and still have a (digital) signature... :-)

No comments: