Alternative proposal for digital signatures
Matthew Graham
mjg at cacr.caltech.edu
Wed Mar 12 15:27:49 PDT 2008
Hi Bob,
Thanks for posting this. One of the main motivations for using X.509
certificates and XML digital signatures is that this is the security
model recommended by the International Virtual Observatory Alliance
(IVOA) which defined the VOEvent standard. Consistency and
interoperability are often better goals than an easier implementation.
Cheers,
Matthew
On Mar 12, 2008, at 3:13 PM, Bob Denny wrote:
> Hello all --
>
> First let me introduce myself - I'm a software developer making my living (for
> 10 years) doing a commercial off-the-shelf automation system for small and
> medium sized observatories. I attended the Hotwiring workshop and enjoyed it
> thoroughly. I have finally been able to act on my wishes (and customer
> requests!) and have created a VOEvent receiver for my dispatch scheduling
> software. I want to thank Alasdair Alan for his recent copious help in getting
> me off the ground in that endeavour.
>
> In the course of developing the receiver I realized, like the rest of you, that
> VOEvent messages need digital signatures. I read through the archived traffic
> here to see where the thought processes are, and I recalled Steve Allen's
> digisig paper at Hotwiring (which I got a copy of via the just-published
> proceedings).
>
> I thought I'd take a pass at digital signatures, with the goals of:
>
> * Elective implementation at the originating and receiving end
> * No impact on the VOEvent message or schema; decoupled from issues like
>   canonicalization and schema evolution
> * No impact on existing parsers
> * Flexible/adaptable trust model
> * Minimal implementation requirements
> * Use of free/open-source tools that run on any platform (that matters)
> * No cost/low pain: no involvement with Certification Authorities
>
> I designed and built a working model so as to prove its feasibility and check
> speed issues. I talked with one of your members this morning and he encouraged
> me to post it here for discussion. So...
>
> http://solo.dc3.com/~rdenny/VoDigiSig.pdf (informal/unpublished paper)
> http://solo.dc3.com/~rdenny/VoDigiSig.zip (sources for implementation)
>
> I should mention that any language can be used; Perl was used for the working
> model because it seems pervasively used in the astronomy community.
>
> -- Bob
>
>
>