clarifications (was Re: Signing events)
Rob Seaman
seaman at noao.edu
Tue Mar 6 06:30:15 PST 2012
Just a clarification. Bob's message was addressed to me, cc'ed to the VOEvent list, and had a non-specific "you said" quote. I believe that John said what Bob quoted.
My latest message in the thread should have made it clear that I don't see any problem using Bob's already implemented signing technology now, as well as possibly implementing other such options in the future. Security is a process. There is no one solution correct for all purposes.
Regarding chasing our tails. I was the chair for much of the 6 years in question. We have neither been (excessively) spinning our wheels nor chasing tails, collective or otherwise. Excellent progress has been made on many fronts during those years, which has been a relatively brief time for the task at hand. Needless to say, we all have diverse responsibilities in other important and interesting projects; it is gratifying that so many have considered transient-response astronomy to be a key area of work given competing priorities.
At this time various large projects are reaching the point of strongly renewed interest, and there will soon be vastly greater interest in the work products of the various members of this group. I am positive the generous work that Bob has put into Dakota will pay off. It should surprise nobody that I also believe there are additional dimensions to the problem space.
Rob
--
On Mar 5, 2012, at 5:16 PM, Bob Denny wrote:
> You said:
>>
>> In the longer term, I can imagine a whole panoply of different uses for signed events, and that's the problem: if we deploy Bob's system now, does that damage our future prospects? If we follow a more complex scheme, is it going to hit a complexity wall – or, at least, take so long to mature that it can't meet our needs this year?
> Of course, as Norm points out (and as have others before him over 6 years) there are all of the old objections like "what if we rip apart the message and normalize it, and store it in a mapped database, or run it through a DOM, blah blah, and then later reconstruct it in a normalized form, and..." Feel free to chase your collective tails for another 6 years.
>
> Meanwhile, if you are OK with the VOEvent message not being altered (which after all seems to be the whole idea to me), and if you are OK with using PROVEN/VETTED security tools (GPG/PGP) which are widely understood/accepted and which do not require expensive or untrusted (and difficult to manage) X.509 certs, and and and... No libraries. Just a command line executable. I'm waiting for the "scalability card" to be pulled next :-)) The DigiSig option of the Transport 1.1 spec provides publisher authentication and message integrity. The logic needed is trivial as shown by the simple perl scripts that are published in the Transport 1.1 IVOA Note. If you haven't looked at it, it might be nice to do so.
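The mechanism Bob is describing (a detached GPG signature over the bytes of the VOEvent message) and the objection he anticipates (a broker that parses, normalizes and re-serializes the message) can both be exercised at a shell prompt. The script below is an added example; it is not from the thread, from Dakota, or from the Transport 1.1 Note's perl scripts. It assumes gpg 2.1 or later on the PATH, and the sample VOEvent, the key's user ID and the file names are all made up for the demo.

```shell
#!/bin/sh
# Added example, not part of the VOEvent thread or the Transport 1.1 Note.
# Shows a detached GPG signature over a VOEvent message as seen by the
# publisher (sign), a broker (relay) and a subscriber (verify).
# Assumes gpg 2.1+ with gpgconf; uses a throw-away keyring in a temp dir.
set -u

# Constructed sample message; the IVORNs and values are invented.
VOEVENT='<?xml version="1.0" encoding="UTF-8"?>
<voe:VOEvent xmlns:voe="http://www.ivoa.net/xml/VOEvent/v2.0"
    version="2.0" role="test" ivorn="ivo://example.org/demo#1">
  <Who><AuthorIVORN>ivo://example.org/demo</AuthorIVORN></Who>
  <What><Param name="mag" value="17.3"/></What>
</voe:VOEvent>'

# Create a private keyring and an unprotected demo signing key (assumed name).
voevent_setup() {
    WORK=$(mktemp -d)
    export GNUPGHOME="$WORK/gnupg"
    mkdir -m 700 "$GNUPGHOME"
    echo allow-loopback-pinentry > "$GNUPGHOME/gpg-agent.conf"
    gpg --batch --passphrase '' --pinentry-mode loopback \
        --quick-generate-key 'VOEvent Demo <demo@example.org>' default default never \
        >/dev/null 2>&1
    printf '%s\n' "$VOEVENT" > "$WORK/event.xml"
}

# Publisher: sign the exact bytes of the message file (binary mode, so no
# line-ending or whitespace canonicalisation as --clearsign would do).
voevent_sign() {   # $1 = message file, $2 = signature file to write
    gpg --batch --yes --armor --detach-sign --output "$2" "$1" >/dev/null 2>&1
}

# Subscriber: verify BEFORE handing the bytes to any XML parser.
# Exit status is 0 only for a good signature.
voevent_verify() {  # $1 = signature file, $2 = message file
    gpg --batch --verify "$1" "$2" >/dev/null 2>&1
}

# Runs the three cases the thread argues over and prints one word per case.
voevent_demo() {
    voevent_setup
    voevent_sign "$WORK/event.xml" "$WORK/event.sig" || { echo sign-failed; return 1; }

    # 1. The untouched message verifies.
    if voevent_verify "$WORK/event.sig" "$WORK/event.xml"; then
        r1=good-ok; else r1=good-rejected; fi

    # 2. A broker that re-serialises the XML (here: re-indents one attribute
    #    line, which leaves the infoset identical) breaks the signature.
    sed 's/^    //' "$WORK/event.xml" > "$WORK/event-reindented.xml"
    if voevent_verify "$WORK/event.sig" "$WORK/event-reindented.xml"; then
        r2=mangled-ok; else r2=mangled-rejected; fi

    # 3. A broker that relays the original bytes verbatim keeps it valid.
    cp "$WORK/event.xml" "$WORK/event-forwarded.xml"
    if voevent_verify "$WORK/event.sig" "$WORK/event-forwarded.xml"; then
        r3=forwarded-ok; else r3=forwarded-rejected; fi

    gpgconf --kill gpg-agent >/dev/null 2>&1 || true
    rm -rf "$WORK"
    echo "$r1 $r2 $r3"
}

voevent_demo
```

Two caveats a deployment should keep in mind. First, the script only shows integrity and origin binding to a key: gpg exits 0 for a good signature from any key in the keyring, even one it has never been told to trust, so a subscriber must additionally check the signing key's fingerprint (for example from the `VALIDSIG` line of `--status-fd`) against the publishers it accepts. Second, case 2 is why "do not alter the message" matters: any intermediary that stores events in a database or DOM must keep and forward the original octets, not a re-serialization, or verification fails downstream exactly as shown.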