All,
There's only one solution to verifying the identity of the sender -
We could use the same process that the ARRL implemented within their LOTW -
that of Public / Private key encryption.
- You create a private key / public key combo.
- You keep your private key, and submit your public key to the SYSOPS.
- The sysops validate the key through email verification.
- When you send a Spot, you digitally sign the data with your private key.
- When the Sysops receive your spot, either through the Web, or Telnet or
RF, they must check the data against the public key CHECKSUM to validate it
was truly sent by you.
- If there is a mismatch, the spot is deleted. If it matches, the spot
goes through.
Only then will the originating station be authenticated.
Otherwise, there is no way to the sending address is valid.
73,
Scott - KI5DR
----- Original Message -----
From: <ve4xt@mb.sympatico.ca>
To: "K4SB" <k4sb@earthlink.net>
Cc: <cq-contest@contesting.com>
Sent: Tuesday, May 27, 2003 3:56 PM
Subject: Re: [CQ-Contest] self spotting vs other cheating
> Hi Ed,
> Your logic is OK except for one thing: this isn't as much about watching
> spots as placing them.
>
> The majority of these self spots don't go in from the main running
> computer, they would be sent in from another computer on site using the
Web
> and DX Cluster Web interface.
|