VOEvent 1.1 new draft with STC elaboration

[Rob Seaman]

On May 7, 2006, at 8:39 PM, Steve Allen wrote:

> Is there any desire to add W3C Signature elements for authentication?

Short answer is yes (although that doesn't equate to consensus on the  
details).

Long answer is that there are a lot of tactical entanglements  
associated with getting v1.1 out the door.  Pinning down a workable  
consensus on STC may be enough of a complication for the next  
release.  The other proposed changes are clarifications and  
simplifications:  fix the id issue, reject role=ack and  
role=iamalive, restrict <Who> content to a tiny subset of the  
possible options, and replace unbounded natural language description  
in <Why> concepts with UCDs.

Would personally be happy to consider additional simplifying changes,  
although the schedule for releasing v1.1 should be kept as soon as  
possible.  In that spirit, the question is whether signatures (of  
whatever detailed description) will simplify VOEvent usage - right  
now - or whether they should be embargoed for a future update.

I'm convinced that rigorous document authentication will be required  
once VOEvent reaches a certain maturity level.  (I'm becoming more  
convinced, in fact, that we'll find we need something more than a  
private network is needed to preserve privacy.)  We're asking people  
to trust VOEvent to publish their valuable alerts, and to trust  
VOEvent by committing their expensive and oversubscribed observing  
assets.  Why should they?

Rob