[CQ-Contest] LoTW Usage - Will you use it???
Dick Green
dick.green at VALLEY.NET
Mon Sep 29 12:49:31 EDT 2003
While I agree with Darryl that the most secure method is for a DX station to
send a CD-R with a signed log to a QSL manager for upload to LoTW, this may
not be feasible or desirable in all cases. Therefore, it was contemplated
that QSL managers might need certs for some of the stations they manage.
Many DX stations either don't have access to the Internet to obtain a cert,
don't have throughput adequate for large logs, or don't want to hassle with
Qsling in any form.
In my opinion, the next best choice is for the QSL manager to apply for a
cert for the DX station. This would be appropriate when the DX station has
no access to the Internet, cannot or does not want to upload logs to LoTW,
or supplies paper logs to a QSL manager who types them into a logging
program. In this case, the QSL manager would apply for the cert. The DX
station still has to supply the required license and ID information, so
security is maintained. I don't know whether ARRL will mail the password to
the DX station or to the QSL manager in such cases. I believe there will be
documentation on the web about this shortly.
If the DX station has Internet access and wants to be able to upload logs
too, then it is possible to share the cert with a QSL manager. He would use
the "Certificate... Save" feature to export the certificate and e-mail the
resulting .P12 file to the QSL manager. The export is relatively safe, in
that a password can be specified to protect the private key in the export
file, making it useless to anyone who happens to intercept the file. I agree
with Darryl that this is the least secure way to do it, but it may be
appropriate for some stations.
In both cases where the QSL manager has a cert for the DX station, the DX
station is effectively trusting that the QSL manager will not issue QSLs to
people who didn't earn them. However, this level of trust has always been
necessary for paper QSL cards, too.
Note that the certificate export command allows all-important backup of the
cert and private key to another medium. Do not use the .TQ6 file to backup
the certificate because it contains only the the public key that is used to
verify your signature, not the private key used to sign QSOs. Use TQSLcert's
"Certificate... Save" command to create a .P12 file for export and save it
to a floppy, CD-R, tape, another hard drive, another computer, etc. The
private key is not stored on ARRL computers (only your computer) and cannot
be recreated if you lose it. Similarly, any password you choose to protect
the private key is known only to you and is not stored on the ARRL
computers. Don't forget it!
73, Dick WC1M
> -----Original Message-----
> From: Darryl Wagoner [mailto:darryl at shecora.com]
> Sent: Sunday, September 28, 2003 11:45 AM
> To: cq-contest at contesting.com
> Subject: RE: [CQ-Contest] LoTW Usage - Will you use it???
>
>
>
>
> > -----Original Message-----
>
> > Another choice would be to e-mail your zipped ADIF file and
> > cert to a trusted person who has broadband or can stand the
> > dial-up time. Basically, this person will be acting as your
> > LoTW QSL Manager.
>
> Ah, that won't work unless you also send them the private
> key. Which I think is a very bad idea. I think it would be
> better to send a CD with the signed log to a friend or
> someone else willing to upload the data.
>
> Also maybe ARRL would consider setting up a signing server
> where the private key is kept encrypted and the owner could
> upload unsigned QSO and the server would sign them using the
> the private once the owner has provide their private key password.
>
> good luck & 73
> -darryl WA1GON
>
>
More information about the CQ-Contest
mailing list