Alternatie proposal for digital signatures
Rick Wagner
rwagner at physics.ucsd.edu
Wed Mar 12 15:44:40 PDT 2008
Hi,
FYI - I recently (last night) learned that Go Daddy provides a free
SSL certificate for a year to projects using an OSI-approved license.
I don't how this fits with anyone's plans, but it seemed like it
might be a convenience to small projects, particularly to those
outside of academia.
--Rick
http://tinyurl.com/2rqah5
https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp
On Mar 12, 2008, at 3:27 PM, Matthew Graham wrote:
> Hi Bob,
>
> Thanks for posting this. One of the main motivations for using X.
> 509 certificates and XML digital signatures is that this is the
> security model recommended by the International Virtual Observatory
> Alliance (IVOA) which defined the VOEvent standard. Consistency and
> interoperability are often better goals than an easier implementation.
>
> Cheers,
>
> Matthew
>
> On Mar 12, 2008, at 3:13 PM, Bob Denny wrote:
>
>> Hello all --
>>
>> First let me introduce myself - I'm a software developer making my
>> living (for
>> 10 years) doing a commercial off-the-shelf automation system for
>> small and
>> medium sized observatories. I attended the Hotwiring workshop and
>> enjoyed it
>> thoroughly. I have finally been able to act on my wishes (and
>> customer
>> requests!) and have created a VOEvent receiver for my dispatch
>> scheduling
>> software. I want to thank Alasdair Alan for his recent copious
>> help in getting
>> me off the ground in that endeavour.
>>
>> In the course of developing the receiver I realized, like the rest
>> of you, that
>> VOEvent messages need digital signatures. I read though the
>> archived traffic
>> here to see where the thought processes are, and I recalled Steve
>> Allen's
>> digisig paper at Hotwiring (which I got a copy of via the just-
>> published
>> proceedings).
>>
>> I thought I'd take a pass at digital signatures, with the goals of:
>>
>> * Elective implementation at the originating and receiving end
>> * No impact on the VOEvent message or schema; decoupled from
>> issues like
>> canonicalization and schema evolution
>> * No impact on existing parsers
>> * Flexible/adaptable trust model
>> * Minimal implementation requirements
>> * Use of free/open-source tools that run on any platform (that
>> matters)
>> * No cost/low pain: no involvement with Certification Authorities
>>
>> I designed and built a working model so as to prove its
>> feasibility and check
>> speed issues. I talked with one of your members this morning and
>> he encouraged
>> me to post it here for discussion. So...
>>
>> http://solo.dc3.com/~rdenny/VoDigiSig.pdf (informal/unpublished
>> paper)
>> http://solo.dc3.com/~rdenny/VoDigiSig.zip (sources for
>> implementation)
>>
>> I should mention that any language can be used; Perl was used for
>> the working
>> model because it seems pervasively used in the astronomy community.
>>
>> -- Bob
>>
>>
>>
>
>
------------------------------------------------------------------------
-
Rick Wagner, Graduate Student Researcher
UCSD Physics
9500 Gilman Drive
La Jolla, CA 92093-0424
Email: rwagner at physics.ucsd.edu
WWW: http://lca.ucsd.edu/projects/rpwagner
(858) 822-4784 Phone
------------------------------------------------------------------------
-
Measuring programming progress by lines of code is
like measuring aircraft building progress by weight.
--Bill Gates
------------------------------------------------------------------------
-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.ivoa.net/pipermail/grid/attachments/20080312/f85d4397/attachment-0003.html>
More information about the grid
mailing list