<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<img src="cid:part1.C6B72812.132E3D48@bartk.us"><br>
<br>
No, not that kind of identity. Digital identity. Used to inform
networks and computers about who you are. In my brief research on
this, Wikipedia has listed a few systems:<br>
<ol>
<li>SAML</li>
<li>OAuth</li>
<li>OpenID</li>
<li>CAS</li>
</ol>
<p>There are of course other systems, such as X.509 certificates, or
just plain old trusted keys or fingerprints. The question is,
which of these systems are appropriate for use on Part 97
airwaves?<br>
</p>
<p>The big P97 restriction we have is no use of secrecy or
encryption. Early on we realized this means any system which
relies on shared secrets (such as passwords) is not going to work
well. One system that does work really well is public/private key
based authentication. SSH key authentication and TLS client
certificate authentication work really well because of this.
However, those systems are not without problems. Both of them
need to have the encryption option turned off, which requires a
custom SSH client and server for SSH, and is nearly impossible to
do with any modern web browser for TLS. Other applications that
use TLS will also have the same challenge.<br>
</p>
<p>I'd like to identify some acceptable identity systems for web
browsers and web applications. It would be great if they could
also be used for email clients (Thunderbird, Evolution, KMail,
etc), and other applications like file shares.<br>
</p>
<p>I haven't looked into security tokens at all yet, but those may
work. That is, to plug a token into USB or tap it via NFC (cell
phone case), and have yourself identified.<br>
</p>
<p>Is anyone aware of which systems may be compatible with Part 97
and work in a user-friendly way?<br>
</p>
<p>--Bart<br>
<br>
</p>
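<p>Added example, not part of the original message: a minimal signed challenge-response in Go showing why public/private key authentication needs no secrecy on the link, since the nonce, the callsign and the signature are all sent unencrypted. The function names, the <code>p97-auth-demo|</code> label and the placeholder callsign N0CALL are assumptions made for illustration.</p>

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

const label = "p97-auth-demo|"               // constructed domain-separation label
var trusted = map[string]ed25519.PublicKey{} // server: callsign to trusted public key
var pending = map[string][]byte{}            // server: callsign to outstanding nonce

// Enroll (demo shortcut) trusts a fresh public key; the private key never goes on the air.
func Enroll(callsign string) ed25519.PrivateKey {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	trusted[callsign] = pub
	return priv
}

// Challenge (server) issues a fresh random nonce, sent unencrypted.
func Challenge(callsign string) []byte {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	pending[callsign] = nonce
	return nonce
}

// Respond (client) signs label, callsign and nonce; the signature is sent unencrypted too.
func Respond(priv ed25519.PrivateKey, callsign string, nonce []byte) []byte {
	return ed25519.Sign(priv, append([]byte(label+callsign+"|"), nonce...))
}

// Verify (server) consumes the nonce, so a recorded response cannot be replayed.
func Verify(callsign string, sig []byte) bool {
	nonce, pub := pending[callsign], trusted[callsign]
	delete(pending, callsign)
	msg := append([]byte(label+callsign+"|"), nonce...)
	return nonce != nil && pub != nil && ed25519.Verify(pub, msg, sig)
}

func main() {
	sig := Respond(Enroll("N0CALL"), "N0CALL", Challenge("N0CALL"))
	fmt.Println(Verify("N0CALL", sig), Verify("N0CALL", sig)) // true false
}
```

<p>A listener who records the whole exchange learns nothing that lets them answer a later challenge, which is the property a shared password cannot offer on an unencrypted link.</p>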
</body>
</html>