It's been interesting reading some of the criticisms about ARRL's LotW
identification requirements. The resistance shown is reminiscent of what I
heard a lot of before I retired. I worked at Johnson Space Center and my
last job before retiring was to help with establishing Public Key
Infrastructure (PKI) at JSC--it was being established in a similar manner at
the other NASA Centers and U.S. government agencies, as well. PKI has two
aspects: Encryption/decryption of e-mails, files and folders. The second
was electronic signature (electronically signing e-mails, electronic forms,
etc.). As "Registration Authorities", we had to do a personal identity
check on each applicant. This involved verifying personal information
provided and visual confirmation using the employee badge and driver's
license. Yes, it was involved and bothersome. But, it gave the highest
security and assurance to PKI users that the person sending an electronic
signature or an encrypted e-mail was, indeed, the person represented in the
e-mail/form.
The identification of the ARRL's LotW is very similar to that of the PKI.
For good reason: Any lesser identification requirement would raise
questions about the validity of the data. A stringent identification
requirement gives everyone the assurance that the data submitted by
so-and-so is indeed from so-and-so.
As to the argument about the online banking identification being less than
ARRL's LotW, the banks don't care much about who it is that is making
deposits/withdrawals/transfers. As long as the account is viable, they
probably don't care if it's even your next door neighbor making transactions
in your name.
LotW just happens to care more about making sure that the persons submitting
data are, indeed, who he/she says they are. That way, you and I are
confident that the QSL hits we get when we submit our logs have meaning,
validity and truth.
(Pure speculation on my part follows) Another aspect of the LotW ID process
is that there may be, in the future, other entities in other countries that
can tie in with ARRL LotW, providing local LotW for their ham populations.
When something like this happens, both parties (e.g., ARRL and RSGB) must
trust in each other's identification verification processes and the
integrity of their respective systems -- Third party trust.
Or, maybe ARRL will establish Trusted Agents in different countries so the
identification verification process can be a little easier for overseas
hams. TA's would, after being certified by ARRL, be representatives of the
ARRL's LotW and would perform the identification verification for overseas
hams that ARRL does now. Again, pure speculation on my part.
73,
dale, kg5u
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest
|