Cryptographic authentication of VOEvents

John Swinbank swinbank at transientskp.org
Wed Sep 12 08:07:44 PDT 2012


On 12 Sep 2012, at 16:54, Rob Seaman <seaman at noao.edu> wrote:

> Nothing stops a particular project from signing a canonical version of an XML packet.  Nothing forbids signing a specific sequence of bytes.  As long as we don't specify that signatures must be embedded in the packets we can have our cake and eat it too.

Until, presumably, we want to interoperate with each other.

To be personal (or egocentric?) for a moment, when LOFAR starts publishing VOEvents ("real soon now", etc), we want to cryptographically sign them. (And, conversely, we won't trigger on a VOEvent if we aren't confident of its authenticity.)

When we sign those events, we want to do so in a way that's of the greatest possible value to the community. If there's a clearly articulated reason why signing an opaque bitstream is of less value to the community, we won't do that. Similarly, if added complexity due to normalization, or philosophical differences about what "ought" to be signed, makes it harder for others to accept our events, we won't do that.

But we will do something, and, once we start doing it, it'll be hard for us to change to another system. And we'll do it now (well, soon), not in a(nother) decade.

Cheers,

John


More information about the voevent mailing list