[CQ-Contest] LoTW Usage - Will you use it???
Dick Green
dick.green at valley.net
Tue Sep 30 00:21:17 EDT 2003
Bob,
I *was* an advisor to ARRL during the design phase of LoTW, almost two years
ago. During that period, I refrained from making public comments about LoTW
because I was not an official spokesperson for ARRL and it would not have
been appropriate for a team member to discuss the project outside ARRL.
After the design phase, and during the development phase, I occasionally
provided advice to ARRL when they asked for it. Although I was no longer an
official member of the LoTW team, I continued to refrain from making public
comments about it. This was partly because it was not my place to speak for
ARRL and partly because there were still many implementation decisions to be
made and no one could speak about features without inviting lots of trouble
and confusion.
After LoTW was released, ARRL asked my opinion about one implementation
process they are considering. I am happy to offer up my opinion to them on
such matters, but that doesn't make me an official member of the LoTW team.
Now that LoTW has been released, there have been many e-mails on the
reflectors from people who need help understanding and using it. In areas
that I'm confident I understand, I have tried to supply some assistance. One
reason I'd like to do this on an informal basis is that it might help
offload the folks at HQ, who have a lot of LoTW tasks on their hands right
now. I've noticed that others who have studied TQSL and TQSLcert have
offered advice as well. Are you saying that I shouldn't be allowed to do
that because I participated on the design team?
Further, I don't think anything I wrote in the e-mail below could be
interpreted as expressing ARRL policy. The only controversial statement is
my revelation that during the design process we thought about how QSL
managers might need to use the system. I didn't say anything about the
decisions that were ultimately made in that regard. I said that I believe
some documentation will be published soon, but this isn't much different
from the numerous credible rumors posted on this reflector by
"semi-insiders". Everything else is either prefaced with "in my opinion" or
is an explanation of how the publicly accessible TrustedQSL programs work.
Also, I don't agree that ARRL should refrain from using public lists to talk
about LoTW. N1ND makes frequent posts to the CQ Contest reflector with
announcements, explanations, log checking issues, problem reports, news,
etc. Why shouldn't the LoTW staff do the same?
Finally, let's try to keep in mind that this hobby is still about "hams
helping hams", and this was the spirit in which my assistance was offered.
73, Dick WC1M
> -----Original Message-----
> From: R Johnson [mailto:k1vu at tmlp.com]
> Sent: Monday, September 29, 2003 8:53 PM
> To: dick.green at VALLEY.NET; 'Darryl Wagoner'; cq-contest at contesting.com
> Subject: RE: [CQ-Contest] LoTW Usage - Will you use it???
>
>
> Dick:
> Are you speaking for yourself or the ARRL LoTW team using the
> CQ Contest List for a forum for the League ???
>
> After doing a TEOMA.COM search on your callsign WC1M, I
> found that " those advising the project include Dick Green,
> WC1M"!!! See http://www.arrl.org/news/stories/2001/08/02/3/ !!!
>
> I personally consider it poor form for the ARRL, their
> employees or advisors to use a Public List in this manner.
>
> Other member associated with the development LoTW have
> refrained from using Non-ARRL list to respond to LoTW questions !!!
>
> 73
> Bob, K1VU
>
> At 11:49 9/29/2003 , Dick Green wrote:
> >While I agree with Darryl that the most secure method is for a DX
> >station to send a CD-R with a signed log to a QSL manager
> for upload to
> >LoTW, this may not be feasible or desirable in all cases.
> Therefore, it
> >was contemplated that QSL managers might need certs for some of the
> >stations they manage. Many DX stations either don't have
> access to the
> >Internet to obtain a cert, don't have throughput adequate for large
> >logs, or don't want to hassle with Qsling in any form.
> >
> >In my opinion, the next best choice is for the QSL manager
> to apply for
> >a cert for the DX station. This would be appropriate when the DX
> >station has no access to the Internet, cannot or does not want to
> >upload logs to LoTW, or supplies paper logs to a QSL manager
> who types
> >them into a logging program. In this case, the QSL manager
> would apply
> >for the cert. The DX station still has to supply the
> required license
> >and ID information, so security is maintained. I don't know whether
> >ARRL will mail the password to the DX station or to the QSL
> manager in
> >such cases. I believe there will be documentation on the web
> about this
> >shortly.
> >
> >If the DX station has Internet access and wants to be able to upload
> >logs too, then it is possible to share the cert with a QSL
> manager. He
> >would use the "Certificate... Save" feature to export the
> certificate
> >and e-mail the resulting .P12 file to the QSL manager. The export is
> >relatively safe, in that a password can be specified to protect the
> >private key in the export file, making it useless to anyone
> who happens
> >to intercept the file. I agree with Darryl that this is the least
> >secure way to do it, but it may be appropriate for some stations.
> >
> >In both cases where the QSL manager has a cert for the DX
> station, the
> >DX station is effectively trusting that the QSL manager will
> not issue
> >QSLs to people who didn't earn them. However, this level of
> trust has
> >always been necessary for paper QSL cards, too.
> >
> >Note that the certificate export command allows
> all-important backup of
> >the cert and private key to another medium. Do not use the
> .TQ6 file to
> >backup the certificate because it contains only the the
> public key that
> >is used to verify your signature, not the private key used to sign
> >QSOs. Use TQSLcert's "Certificate... Save" command to create a .P12
> >file for export and save it to a floppy, CD-R, tape, another hard
> >drive, another computer, etc. The private key is not stored on ARRL
> >computers (only your computer) and cannot be recreated if
> you lose it.
> >Similarly, any password you choose to protect the private
> key is known
> >only to you and is not stored on the ARRL computers. Don't forget it!
> >
> >73, Dick WC1M
> >
> > > -----Original Message-----
> > > From: Darryl Wagoner [mailto:darryl at shecora.com]
> > > Sent: Sunday, September 28, 2003 11:45 AM
> > > To: cq-contest at contesting.com
> > > Subject: RE: [CQ-Contest] LoTW Usage - Will you use it???
> > >
> > >
> > >
> > >
> > > > -----Original Message-----
> > >
> > > > Another choice would be to e-mail your zipped ADIF file
> and cert
> > > > to a trusted person who has broadband or can stand the dial-up
> > > > time. Basically, this person will be acting as your LoTW QSL
> > > > Manager.
> > >
> > > Ah, that won't work unless you also send them the private
> > > key. Which I think is a very bad idea. I think it would be
> > > better to send a CD with the signed log to a friend or
> > > someone else willing to upload the data.
> > >
> > > Also maybe ARRL would consider setting up a signing server
> > > where the private key is kept encrypted and the owner could
> > > upload unsigned QSO and the server would sign them using the
> > > the private once the owner has provide their private key password.
> > >
> > > good luck & 73
> > > -darryl WA1GON
> > >
> > >
> >
> >---------------------------------------------------------------
> > The world's top contesters battle it out in Finland!
> >THE OFFICIAL FILM of WRTC 2002 now on professional DVD and VHS!
> > http://home1.pacific.net.sg/~jamesb/
> >---------------------------------------------------------------
> >
> >_______________________________________________
> >CQ-Contest mailing list
> >CQ-Contest at contesting.com
> >http://lists.contesting.com/mailman/listinfo/cq-contest
>
More information about the CQ-Contest
mailing list