►
From YouTube: 20210921 AAAA Meetup
Description
Authentication and Authorization discussion held right after the FPGA Standup on 21 September 2021.
A
A
C
C
You
discussed
a
lot
about
the
arrl
tw
certificate
based
digital
signature
mechanism,
so
I
just
want
to
know:
if
is
it
a
compulsory
thing
to
to
definitely
use
this
service
or
or
do
you
think
we
can
have
our
own
public
private
key
ecosystem
and
so
that
we
have
the
complete
hold
on?
Who
will
be
distribute,
distributing
the
keys
to,
and
you
know,
is
it
kind
of
compulsory
thing
or
can
we
have
the
complete
hand
for
ourselves?
D
Well,
in
my
view,
we
could
do
it
all
ourselves
if
we
wanted
to,
but
I'd
I'd
have
to
see
a
real
advantage
to
doing
that
before.
I'd
be
happy
about
redoing
all
that
work
that
the
double
arl
has
already
done.
I
don't
think
we
can
do
any
better
than
they've
done.
The
only
way
to
authenticate
a
ham,
radio
user
is
by
the
fact
that
they
can
receive
postal
mail
at
their
registered
address
and
that's
how
awrl
confirms
existence
of
people
for
logbook
of
the
world.
A
A
B
A
Yeah,
if
we
I
mean
it's
a
very
good
system
and
it's
not
limited
to
the
to
the
united
states
hams.
From
from
my
experience
and
understanding
doing
some
d
expeditions
with
call
signs
from
other
parts
of
the
world,
it
works
all
over
the
world,
but
it
may
be
perceived
as
maybe
two
u.s
centric
I'd
I'd.
I'm
wondering
if
that's
potentially
a
problem.
D
A
Yes,
that's
been
my
it's
been
my
experience
with
you
know
three
or
four
different
different
operations,
so
I
I
would
agree.
I
just
wanted
to
raise
that
as
as
a
potential
problem
and
wonder
if
that's,
if
that's
anything
we
should
think
about
in
terms
of
like
how
the
math
works
or
how
the
the
system
works,
it's
really
good
and
the
people
that
do
log
book
of
the
world
style.
I
guess
that's
authentication
to
authenticate
your
your
id
really
put
a
lot
of
work
into
it
and
it's
all
open
source.
D
A
E
Okay,
if
I
can
just
ask
a
question,
this
is
a
s3
rdx.
Let's
say
my
old
call
sign
s21x,
which
is
the
bangladesh
call
sign
supposedly
given
to
me
for
life,
which
I
have
not
been
able
to
use
for
a
long
time.
Suppose
that
was
reissued
and
it
was
issued
to
some
person
out
there
and
everything
and
they
were
wanting
to
get
on
the
ori
satellite
through
bangladesh,
amateur
radio
league,
which
is
the
equivalent
of
the
arl
over
there
miniature
the
license.
E
D
E
A
A
The
things
that
we're
doing
are
published,
open,
source
work
that
gets
integrated
and
implemented
onto
a
particular
deployment
of
a
of
a
satellite.
You
know
or
a
ground
sat.
You
know
you
can
do
this
for
terrestrial
too.
So
it's
it's
not
not
limited
to
satellite,
but
satellite
is
is
first
and
foremost
that's
kind
of
the
motivating
argument
right
because
it
has
to
have
an
operator
so
the
policies
about
how
to
give
access
and
who
gets
to
talk
on
it
and
stuff
like
that.
That
belongs
to
the
operator
and
that's
way
down
the
line.
A
So
the
things
that
we're
talking
about
and
providing
are
the
the
math
and
the
policies
you
know
and
the
the
this
whole
space
of
how
to
authenticate
and
authorize
specific
questions
about
who
and
what
and
how
it
happens
are
up
to
the
operator.
So
I'm
this
may
sound
like
it's
kicking
the
can
down
the
road.
A
What
we
need
to
do
is
give
the
best
possible
tool
set
to
any
operator
that
is
going
to
go
through
and
integrate
and
deploy
and
take
responsibility
for
a
satellite,
and
that
may
not
be
ori
we're
a
research
institute
and
we
are
very
serious
about
it
and
we
may
have
our
own
satellites
if
everything
works
out,
but
we
want
the
work
to
be
used
as
widely
as
possible
and
to
help
as
many
deployments
as
possible.
So
the
questions
are
informed
and
enlightened
and
expanded
by
looking
at
the
these
sorts
of
questions.
A
E
I
know
that
so
if
somebody
showed
up
with
an
s23
call
sign
first
from
north,
you
would
know
that
that's
not
a
valid
content,
but
that
arbitrary
arbiter
of
that
information
would
be
the
iru
so
somewhere.
This
policy
that
you're
referring
to
is
admirable.
We
have
to
have
an
interface
to
the
proper
authority,
which
is
issuing
the
call
sign
prefixes.
B
E
B
B
D
D
Authentication
is
proving
that
you,
the
operator,
are,
who
you
say
you
are
so
it's
it's
simply
connecting
your
station
equipment
to
your
call
sign,
and
once
we
have
your
call
signed,
then
we're
done
with
all
national
entities
and
regulatory
bodies.
We
know
you
are
who
you
say
you
are
because
the
existing
infrastructure
of
call
signs
and
international
allocation
have
arranged
for
that
call
sign
to
be
globally
unique
and
properly
assigned
to
you
by
a
government
now
close
the
book
on
that.
We
know
who
you
are.
D
The
question
remaining
question
is:
if
we're
limiting
access
to
only
certain
people,
how
do
we
know
that
you
have
access
to
the
system
where
we
might
be
ori
or
it
might
be
some
other
organization?
That's
operating
a
satellite,
as
michelle
pointed
out,
and
the
answer
is
your
call
sign.
That's
how
the
two
get
joined
together.
We
know
who
you
are
from
the
call
sign
and
then
use
whatever
procedure
we
choose
to
assign
privileges
to
that
call.
D
Sign
that
could
be,
and
I
would
prefer
for
usually
to
be
the
the
answer
is
always:
yes,
anybody
comes
in
with
a
call
sign.
Then
we
grant
access,
but
under
certain
circumstances,
like
maybe
a
an
emergency
where
we
need
to
assign
priority
access
to
certain
people,
then
the
answer
might
be
more
complicated,
but
that
is
up
to
us
to
implement
at
least
a
sample
of
and
other
satellite
operators.
If
there
are
any
in
the
future,
we'll
be
able
to
do
whatever
they
want,
possibly
following
our
lead
or
not.
E
E
You
know
spectrum
if
it
is
open
for
everybody
that
I
don't
think
it
is,
I
know
of
several
territories
where
it's
still
you
have
to
request
or
please
we
want
to
use
amateur
satellite,
even
though
it's
using
the
same
bad.
It's
it's
a
different
service.
It's
often
process,
you
know
their
regulatory
guidelines.
E
D
B
D
I
can
imagine
some
regulatory
environment
where
that
might
not
be
the
case.
You
know
if,
if
there
turns
out
to
be
a
lot
of
people
who
have
the
wrong
license
and
getting
on
the
satellite,
there
may
be
demand
to
restrict
access,
and
now
that
we
can
we're
subject
to
such
demands,
whereas
an
analog
transponder
just
can't.
A
C
I
I
mean
I
have
to
admit
that
I
didn't
understand
much
of
what
you
guys
spoke
just
right
now,
but
I
mean
regards
to
the
rules
and
regulations.
I
understand
that
I'm
not
acquainted
with,
but
I
think
the
the
final
point
is
clear:
that
we
need
to
maybe
consider
using
the
lotw's
existing
infra
for
the
digital
signature
scheme
that
whatever
they
were
using
and
we
could
use
that
up
to
perform
the
authentication
of
the
onboard
onboarding
users
on
the
satellite.
Am
I
right
in
that.
B
D
A
It's
true
that
we're
sorry,
it's
not
real
time.
They
do
have
a
procedure
for
updating
a
a
key
essentially,
but
the
answer
is
no:
it's
not
real
time.
If
we
can
figure
out
a
way
to
do
this,
then
they
would
be
very,
very
interested.
The
use
case
for
a
log
book
of
the
world
would
be
to
replace
the
paper
logs
for
contesting.
A
So
the
requirement
of
real
time
is
not
something
that
they
have
worked
in.
It
is
a
requirement
in
other
similar
key
management
systems.
So
I
think,
there's
an
opportunity
here
for
us
to
take
best
practices
from
what
is
out
there
and
and
see.
If
that's
something
that
we
can
add
worst
case,
though,
what
you
do
is
you
just
say:
okay,
there
may
be
a
problem
here,
we're
gonna
we're
gonna,
put
you
on
hold
until
it's
until
it's
all
worked
out
and
that
delay
may
be
hours
or
days.
A
D
B
C
He
may
use
the
lattice-based
authentication
scheme
instead
of
using
the
generic
hash
based
authentication
scheme,
so
that
we
could
so
that,
because
it
is
quantum
secure,
the
lattice-based
authentication
is
quantum
secure
and
the
the
secure
operations
that
the
very
serious
operation
that
which
he's
doing
to
the
spacecraft
is
could
also.
We
could
say
that
they're
more
secure.
D
I
will
say
that,
historically,
the
level
of
security
for
spacecraft
operation
has
been
very
minimal
and
problems
have
been
also
very
minimal,
so
we
might
be
painting
a
target
on
our
backs,
but
we
don't
necessarily
need
post
quantum
cryptography
for
that,
but
there's
nothing
stopping
us
from
doing
that
either.
This
is
a
user
authentication
mechanism.
C
C
B
C
What
is
it?
Okay,
there
are
some
anti-jamming
modulation
schemes
like
some
gaussian
time-based
modulation
or
the
frequency
hopping
that
you
guys
should
be
more
aware
of.
So
is
there
any
flexibility
to
change
the
modulation
scheme
on
m17
uplink,
or
will
that
be
or
will
it
also
cause
any
kind
of
itr
problems?
A
A
Okay,
so
yeah
they
we
do
have
flexibility
to
modify
the
the
uplink
protocols.
So
our
uplink
is
the
native
digital
format.
We
want
to
use.
M17
m17
is
for
arie
fsk,
and
we
already
know
that
we
probably
are.
We
already
know
that
we're
going
to
have
to
make
modifications
to
move
it
from
vhf
uhf
up
to
microwave,
so
we
probably
are
going
to
have
to
modify
the
physical
layer.
The
protocol
is
set
up
as
a
three
layer
protocol,
with
the
physical
layer
being
the
lowest
so
yeah.
We.
A
We
have
some
some
control
over
that,
since
we
already
know
that
we
may
need
to
make
some
some
changes
to
it.
That
kind
of
opens
the
door
to
to
anything
that
we
need
to
do
in
order
to
to
integrate
some
some
of
our
functions
or
functions
that
you
would
be
interested
in
the
satellite
environment
that
you
may
not
have
to
worry
about
in
terrestrial
uhf
vhf.
So
the
answer
is
in
general.
A
No
now,
on
top
of
that
is
we
really
want
to
keep
as
close
as
possible
so
that
when
we
do
have,
and
we
are
planning
on
having
m17
radios,
that
is
I'm
working
very
hard
to
make
that
happen.
We
don't
want
it
to
be
so
different
that
we
can't
have
a
radio
that
will
work,
trust
really
and
with
space.
That
would
be
really
great
if
we
had
one
radio
that
could
possibly
do
both
or
one
station
that
could
do
both.
A
Yes,
there
are,
are
those
schemes
illegal
and
I
think
the
answer
really
the
conservative
answer
is
it
depends,
but
in
general?
No.
So
if
there
is
a,
if
there
is
a
scheme
that
we
need
to
know
about
or
need
to
do,
then
we
should
be
able
to
do
that
at
microwave.
We
have
a
lot
of
flexibility
at
microwave
and
as
long
as
it's
documented
and
falls
into
any
of
the
usual
ones,
you
know,
and
the
library
is
vast
for
us.
Is
there
a
particular
one
that
you
have
a
concern
about.
C
No
actually
not
right
now
for
a
specific
candidate,
but
actually
this
week
I'm
trying
to
participate
and
the
radio
resilience
competition
where
they
put
up
this
lot
of
interference
patterns,
and
we
should
put
up
some
defensive
mechanism,
modulation
and
error
correction
schemes.
So
maybe
after
this
week,
I'll
maybe
I'll
come
up
with
a
specific
candidate
where
for
for
what
I'm?
Speaking
of
so
maybe
after
this
week,
I
can
answer
that.
A
E
Even
the
trade
studies,
but
even
this
trade
study
that
is
referring
to,
if
he's
doing
it
or
if
he
wants
collaborators,
then
as
long
as
we
publish
it
in
a
in
a
forum,
then
we
basically
claim
you
know
ours
our
domain
of
interest.
In
this
I
mean
it's
not
like
we're
taking
it
from
somebody
in
the
defense,
industry
or
indian
differences
or
us,
but
nothing
like
that.
We
just
need
to
publish
our
own
research
and
that's
it.
That's
ours.
A
E
A
Yeah,
the
conference
is
ours,
with
we're
working
with
information,
theory,
society,
ieee
and
the
computer
society
from
ieee
to
put
on
a
little
half
day
symposium
and
that
that
public
event
covers
us.
That's
published
as
you
go
that
counts,
so
anything
that
talk
wants
to
present
is
welcome
and
we're
here
to
make
it
to
present
it
and
and
put
it
out
as
a
publicly
available.
A
C
B
E
Well,
I
feel
like,
if
you
want
to,
I
mean,
if
you're
looking
for
a
collaborator,
you
know
it's
interesting,
intellectually
and
also
necessary
for
me
to
get
involved
into
that
kind
of
thing.
So
just
figure
out.
If
you
need,
I
mean
if
it's
just
a
paragraph,
you
can
do
it
yourself.
If
it's
a
half
a
page,
okay
or
maybe
two
diagrams,
we
could
probably
try
to
sketch
it
out.
What
do
you
mean
by
your
own
modulation
scheme.
C
And
with
reference
to
the
modulation
scheme,
actually
I'm
not
sure
about
that,
because
I
was
thinking
this
paper
would
be
more
of
a
kind.
You
know
of
the
summation
of
all
the
possibilities
of
the
authentication,
access
and
access
schemes
at
the
level
of
the
physical
layer
and
and
from
the
ground,
to
satellite
link
and
inside
the
satellite.
C
E
All
you
do
do
what
you
do
and
then
at
the
end,
conclude
by
saying
that
this
is
a
proposal
that
we
might
want
to
take
up.
Just
leave
it
there
and
you
have.
You
have
further
things
to
do,
which
is:
do
the
actual
studies
you're,
actually
laying
the
grounds
for
the
justification
for
the
studies
you're
not
going
to
do
it
right
now
in
one
month.
B
E
So
anyway,
if
you
need
any
help,
I
can
help.
If
you
don't
that's
fine,
but
I'd
really
like
to
find
out
what
you're
doing,
because
my
fpga
work
that
I've
got
the
test
fit
running
and
everything
in
my
head.
I've
just
finished
designing
my
first
very
first
oscillator
circuit,
like
you
know,
with
fundamental
components.
You
know
weinbridge
and
all
that.
But
what
I'm
trying
to
say
is
that
I
see
a
very
interesting
way
to
generate
quote
m17
symbols,
or
you
know
you
know
in
hardware,
under
fpga
control
under
mcu
control.
E
A
All
right,
good
job
sounds
like
no
sounds
like
we
got
a
plan
and
and
some
additional
horsepower
and
that's
that's
wonderful,
all
right
any
any
last
comments
from
anybody
on
this
subject
or
any
other
subjects
that
want
to
be
brought
up
and
just
a
quick
reminder
before
I
turn
over
the
floor
for
closing
comments.
We
have
a
open
cpi,
focused
strategy
meeting
on
thursday
at
10,
10,
us
pacific.
A
C
Oh
okay,
I'll
be
very
quick,
so
I
was
just
thinking
in
terms
of
the
security
inside
the
satellite,
for
example
the
because
of
course
we
was
thinking
about
authentication
when
the
satellite,
when
the
user's
signal
reaches
to
the
satellite
and
it
gets
the
access
and
stuff.
But
I
was
thinking
more
on
the
inside
security
measures.
Like
do
we
have
some
kind
of
tpm
trip
or
secure
of
the
physical
unclonable
function
that
people
were
using
right
now
or
are
some
kind
of
arm
tee
the
trusted
execution
system.
C
C
You
know,
so
I
I
did
write
some
bunch
of
functionalities
on
how
would
the
firmware
call
a
specific
function
before
it
will
not
call
just
readily,
but
it
would
just
make
sure
the
sensors,
the
sensor
ids
the
processor
serial
id
is
everything
intact
and
it
is
the
same
system
and
nothing
is
modified
and
with
that
object
with
that
specific
authenticated
object,
it
is
just
calling
the
important
function,
whether
it
is
dvd
decode
or
dv
encode.
Something
like
that.
Now.
C
E
As
the
user
traffic,
but
the
command
should
be,
the
reason
is
that
legally
any
satellite
up
there
has
a
legal
requirement
to
be
able
to
commend
it
to
turn
on
turn
off
and
and
to
turn
off
its
payload.
I
mean
that's
the
whole
point
I
mean
if
you
turn
off
yourself,
you
can't
turn
it
on
unless
you
turn
it
on
and
then,
if
you
turn
it
on
and
everything
else
is
turned
off,
then
you
can't
turn
it
off.
So
what's
the
architecture
like
please
somebody
just
verify
it.
D
A
D
Don't
think
it's
reasonable
to
try
to
put
a
lot
of
security
on
board
the
satellite
against
other
parts
of
the
satellite,
because
once
the
attacker,
hypothetical
attacker
has
achieved
control
of
the
satellite,
pretty
much
all
bets
are
off.
And
if
you
lock
things
down
in
such
a
way
that
it's
impossible
to
control
it
from
the
ground,
then
it
would
be
also
impossible
for
us
to
control
it
from
the
ground.
D
And
if
we
get
something
wrong,
we
might
end
up
with
a
very
expensive
paperweight
flying
around
in
space,
we'd
like
to
be
able
to
control
that
sort
of
stuff
with
software
uploads
and
and
the
like,
and
it's
maybe
inventing
problems.
We
don't
really
have
to
try
to
secure
that
beyond
reasonable
best
practices.
A
C
C
You
know
he's
just
going
on
and
off
on
and
off
and
is
intentionally
actually
trying
to
distribute
someone,
but
maybe
he
is
the
person
who
is
yeah
his
his
intention
is
trying
to
disrupt
someone,
but
we
may
think
that
he
may
be
under
some
multi-path
loss
phenomenon
and
he's
not
having
a
good
signal,
but
he's
intentionally
trying
to
do
that.
Okay,
so
so,
in
that
case,
can
we
have
a
path,
loss
calculation
for
every
signal
and
find
out?
D
B
E
Had
I've
had
some
experience
with
jamming
like
on
commercials,
you
know
sets
geo
sets
on
which
my
transponders
work
and
people
just
set
up,
like
you
know,
x,
military
whatever
or
people
were
bored,
and
they
said
a
kilowatt
or
megawatt
class
transmitters
just
to
jam
the
transponders,
but
after
a
while
they
get
tired.
They
move
on.
So
we
can
just
play
the
game
of
moving
channels
if
we
could
backwards
and
forward.
E
E
D
D
E
B
A
A
D
A
I
can
talk
a
little
bit
at
least
about
the
one
that
we've
picked
as
our
native
format,
because
we
allow
anybody
to
essentially
we're
saying
you
can
have
whatever
signal
you
want
in
your
particular
slot.
You
know:
that's
that's
something
we
talked
about
as
far
back
as
february
2020
at
the
workshop
at
hamcation,
but
in
terms
of
m17
and
the
four
area
fsk
we're
good
there,
so
that
at
least
is
is
solid
in
around
the
world,
so
we're
so
we're
good
at
least
from
starting
from
there.
A
D
Okay,
I
want
to
poke
a
little
at
that
assumption
that
we
cannot
have
any
waveform
in
any
channel,
because
that's
only
true
in
channels
where
we're
willing
to
sample
and
downlink
correct
spacecraft
only
has
its
capabilities
for
the
waveforms
that
it's
designed
for
right.
So
that's
a
whole
different
sort
of
a
backup
or
an
experimenter's
mode.
But
the
bulk
of
this
of
the
waveform
is
going
to
have
to
be
what
we
design
in.