Subject: [TrustedQSL] Development Status
Date: Wed, 13 Mar 2002 10:53:46 -0500
From: "Simcik, Mark WA1VVB"
Hello TrustedQSL Forum,
This response is to Dave, AA6YQ and the rest of the group.
I had hoped that the press releases would satisfy your concerns. However, I
will add a few more details...
In 2001, as of November, we had completed the formal design of LoTW Server.
Realize that, when the board ratified the project in 2001-June, the design
at that time was very conceptual -- more of a "what will the system do"
proposal. By November, we had more of the "how will it do it" decided and
documented. We also used that time span to investigate the operating system
platform, database toolsets, development environments, security toolsets,
server hardware and to realize some preliminary performance estimates that
all would refine the design and operational goals. Everything looks good.
2001-December saw the beginning of the security policy and the
implementation of the X.509 certificate chain of authority. This all comes
from the server side and helps greatly to define what the client side needs
to do. By the end of 2002-January, all of this was working very nicely on
my test platform. With the certificates properly extended for ARRL LoTW,
again everything continues to perform properly. Some of our formal designs
involving client (user) functionality were also released to the client
developers.
2001-February saw the first database structures implemented to store and
retrieve the certificates and related data to begin the core of the server.
This work continues into 2002-March. February also saw the release of the
security chain to Darryl, WA1GON, for the client side to support the
implementation of it's library.
The immediate future... With the database in place, we will then develop the
interfaces for the administrators of LoTW. Then system testing will
commence.
The Logbook of the World is a large database project. It is very
complicated and requires strict attention to security from end-to-end (read:
not even the administrators can violate the intrinsic security of this
system). It will, via strong encryption, provide digital proof that two
authorized people have confirmed a proper QSL. This system runs at the same
level as your banking transactions do from bank-to-bank. The Amateur Radio
Operators ultimately have secure control of their QSOs.
I have been involved in the design and implementation of monetary systems at
the commercial level, moving millions of dollars around the country and the
world each day. I can assure you that this system is being implemented
efficiently and according to the state of the art in digital security. This
is what the awards community demands; we are delivering it (though at a
fraction of the cost of an equivalent commercial system -- and a fraction of
the time, too!).
So far, the project has progressed without a hitch. Be mindful that this is
careful, tedious, pioneering work on a novel system. 100% of my time is
dedicated to this project. Jon Bloom continues to develop for both the ARRL
Website and LoTW. So, this project is still "front burner" and moving
forward. I have written directly to some members of this forum, when I
needed answers from their specific expertise. I just cannot afford much
time to write this forum -- understandably. Stay tuned.
73,
Mark E. Simcik, W A 1 V V B
Web Applications Developer