[CQ-Contest] L.O.T.W.
Joe Subich, W4TV
k4ik at subich.com
Sat Jul 23 23:59:04 EDT 2005
W6WRT writes:
> The moaning and groaning is right on. LoTW is far too complex
> for the level of security needed. I can log into my bank account
> with only a user name and password and do financial transactions
> in perfect security.
All absolutely true ... but only half the story.
> No "certificates", no "signing" of transactions, no .TQ8 files,
> no .p12 files, no yearly renewal, etc, etc.
In fact all of these things happen with your bank's on-line
service - you just don't see them! When you log in, you already
have an established account - which was created when you went into
the bank and proved who you were. The bank's application sends
your computer a "key" for that session and all the activity is
encrypted and signed with that key. Your account is "renewed"
every month based on your activity (when you pay your bills, etc.)
if you show no activity for a specified period of time (usually
somewhere between 12 and 24 months), you will find the on-line
access "closed."
> Each of us should put pressure on our ARRL director to fix
> it. LoTW should be a source of pride to the ARRL, not a source
> of endless complaints.
If you really want to "fix" LotW ... pressure the Directors to
provide more resources for three projects: 1) get more awards
"on-line" (we need WAS, VUCC, WAZ and IOTA to start). 2) get
more publicity, particularly in the various national publications
- in other languages. 3) establish a sign-up system that is
much more convenient (and closer) to the DX operators - perhaps
through their national societies (or some of the larger ones).
The problem isn't LotW ... it's the lack of attention to the
user interface and training.
73,
... Joe, W4TV (ex K4IK)
More information about the CQ-Contest
mailing list