Alternatie proposal for digital signatures

Rick Wagner rwagner at physics.ucsd.edu
Wed Mar 12 15:44:40 PDT 2008


Hi,

FYI - I recently (last night) learned that Go Daddy provides a free  
SSL certificate for a year to projects using an OSI-approved license.  
I don't how this fits with anyone's plans, but it seemed like it  
might be a convenience to small projects, particularly to those  
outside of academia.

--Rick

http://tinyurl.com/2rqah5
https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp

On Mar 12, 2008, at 3:27 PM, Matthew Graham wrote:

> Hi Bob,
>
> Thanks for posting this. One of the main motivations for using X. 
> 509 certificates and XML digital signatures is that this is the  
> security model recommended by the International Virtual Observatory  
> Alliance (IVOA) which defined the VOEvent standard. Consistency and  
> interoperability are often better goals than an easier implementation.
>
> 	Cheers,
>
> 	Matthew
>
> On Mar 12, 2008, at 3:13 PM, Bob Denny wrote:
>
>> Hello all --
>>
>> First let me introduce myself - I'm a software developer making my  
>> living (for
>> 10 years) doing a commercial off-the-shelf automation system for  
>> small and
>> medium sized observatories. I attended the Hotwiring workshop and  
>> enjoyed it
>> thoroughly. I have finally been able to act on my wishes (and  
>> customer
>> requests!) and have created a VOEvent receiver for my dispatch  
>> scheduling
>> software. I want to thank Alasdair Alan for his recent copious  
>> help in getting
>> me off the ground in that endeavour.
>>
>> In the course of developing the receiver I realized, like the rest  
>> of you, that
>> VOEvent messages need digital signatures. I read though the  
>> archived traffic
>> here to see where the thought processes are, and I recalled Steve  
>> Allen's
>> digisig paper at Hotwiring (which I got a copy of via the just- 
>> published
>> proceedings).
>>
>> I thought I'd take a pass at digital signatures, with the goals of:
>>
>> * Elective implementation at the originating and receiving end
>> * No impact on the VOEvent message or schema; decoupled from  
>> issues like
>>  canonicalization and schema evolution
>> * No impact on existing parsers
>> * Flexible/adaptable trust model
>> * Minimal implementation requirements
>> * Use of free/open-source tools that run on any platform (that  
>> matters)
>> * No cost/low pain: no involvement with Certification Authorities
>>
>> I designed and built a working model so as to prove its  
>> feasibility and check
>> speed issues. I talked with one of your members this morning and  
>> he encouraged
>> me to post it here for discussion. So...
>>
>> http://solo.dc3.com/~rdenny/VoDigiSig.pdf   (informal/unpublished  
>> paper)
>> http://solo.dc3.com/~rdenny/VoDigiSig.zip   (sources for  
>> implementation)
>>
>> I should mention that any language can be used; Perl was used for  
>> the working
>> model because it seems pervasively used in the astronomy community.
>>
>>  -- Bob
>>
>>
>>
>
>

------------------------------------------------------------------------ 
-
Rick Wagner, Graduate Student Researcher
UCSD Physics
9500 Gilman Drive
La Jolla, CA  92093-0424
Email:  rwagner at physics.ucsd.edu
WWW:    http://lca.ucsd.edu/projects/rpwagner
(858) 822-4784 Phone
------------------------------------------------------------------------ 
-
Measuring programming progress by lines of code is
like measuring aircraft building progress by weight.
--Bill Gates
------------------------------------------------------------------------ 
-



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.ivoa.net/pipermail/grid/attachments/20080312/f85d4397/attachment-0003.html>


More information about the grid mailing list