Feb 21, 17 20:07 UTC

Re: Proposal - ACIT - Asgardia Civic IT  

Maybe a username + password + software-key would be better.

The software-key could be stored on an usb-stick.

Grtz, Dirk.

Feb 22, 17 03:21 UTC

As previously mentioned, multiple times.

X.509

It's an "industry standard" way to authenticate. On the server side it requires no additional hardware or software, minor adjustments to current login code at best. If treated properly the private key will never be accessible to third parties, as it's use never requires it to leave the local machine and in the event of access being leaked then the passphrase should realistically prevent use, certainly until it can be revoked. Our system could potentially make use of an additional "duress passphrase" - wherin a state of duress this can alternately be released and it will automatically nullify the reaI key whilst granting access to a sandboxed profile to make it appear that the real key has been divulged to retain any fingers or other minor appendages that remain. It is incredibly simple to generate certificates and these can be entirely autonomously generated via a simple script the user executes. Ideally the data should be filled out manually, but the only thing that really matters of the input for this purpose, and the maximum it is sensible to reduce interaction to is the passphrase it locks to. Open source, active devel, easy to use and as bullet proof as authentication can get across the interwebs which is why it's used for serious things like frictionless SSH auth into remote servers.

Two-factor that relies on the authentication policies and procedures of a random third party reduces security in an otherwise secure model. Certainly this site's current polices are not secure, but relying on some other site's ability to remain secure isn't a sensible choice if adequately considered. Breech of this service will intrinsically lead to breach of ours and further allow third parties to draw links and take metrics they do not require to. Anything that transfers across the conventional telecoms network in an unecrypted form - like SMS which effectively piggybacks across the existing SMTP (email) infrastructures - isn't a particular secure way to do anything as it's just assured that multiple copies have just been made and stored. Intercept is trivial at mulitple stages.

"Shut-off" methods should be trivial to provide, revocation and signing requests for fresh keys should be trivial to handle, the CA should naturally be retaining a revocation list.

  Updated  on Feb 22, 17 03:22 UTC, edited 1 time in total.
Reason: typo

Feb 23, 17 18:02 UTC

If it is going to be used in a governmental network the security protections can not be trivial. I really think that Asgardia should have its own network off the internet. But since it will not be so, at least ask yourself when to implement a security system; Is the Pentagon using this? What are they using?

Feb 25, 17 14:34 UTC

I really think that Asgardia should have its own network off the internet.

Again, as previously mentioned, VPN.

Generally places like the pentagon don't get accessed from "outside" but will be using VPN, to be able to access across wide areas without exposing services to "the internet" - for all intents and purposes it's presented as a local connection, and it's journey through the internet shielded - and auth further to the system this allows access to will be via most likely PCKS-11 embedded into "smartcards" in their ID cards. Lacking ID cards, card readers etc. I'd suggested X.509 as that's pretty much the same thing, or more accurately displays the same features required and is also currently deployed in roles of equal importance.

  Updated  on Feb 25, 17 14:35 UTC, edited 1 time in total.
Reason: typo

Feb 27, 17 19:05 UTC

My apologies for not getting back to this post sooner. Life can take evaporate a few days before we realize it. I've added a couple things to the google docs. Let me now how each feels and I'll clean up the proposal for a rough draft, then send that off to 'Official' for review.

Feb 28, 17 09:28 UTC

G'day to you all, and my deepest apologies for being over two weeks absent. Life's had much in store for me, but I can finally get back to my work with Asgardia.

So; I'm gonna take a while to read all the posts made and get back to the doc, feel free to bring me back to the loop.

-S

  Last edited by:  Kaani (Asgardian)  on Feb 28, 17 09:57 UTC, edited 1 time in total.

Mar 1, 17 13:22 UTC

Welcome back Leomarquie and Speakee.

Mar 1, 17 13:39 UTC

I like the idea of a VPN as a shielded network for sensitive matters such as voting, but who would host the VPN? It isn't hard to set up a VPN, but doing so from a personal computer doesn't seem like a logical choice, all things considered. It presents multiple points of failure and security issues. And in regards to the IRC that was recommended, I have hexchat on my system, but we need a specified network to list the Channel in, are any of the networks better than the others, or are they all pretty much the same? I am new to using IRC so I am not exactly an expert on the subject. Discord was also proposed, so I have a Discord channel setup should anyone feel they would like to use it in the meantime. https://discord.gg/Zsmz5N7

  Last edited by:  PaulWMillerII (Asgardian)  on Mar 1, 17 13:42 UTC, edited 1 time in total.
Reason: Added Information

Mar 1, 17 15:58 UTC

I like the idea of vpn as well, but it'd be better to have a server on the other end. You can setup for better performance and security. I'll check out discord channel to start communicating there. It'd be good to have a better means of communications.

Mar 2, 17 14:10 UTC

I really think that Asgardia should have its own network off the internet.

Mar 2, 17 14:11 UTC

I really think that Asgardia should have its own network off the internet.

Mar 2, 17 15:46 UTC

I like the idea of vpn as well, but it'd be better to have a server on the other end.

There's another way?

I'll check out discord channel to start communicating there.

Discord? You people really do spend a lot of time thinking about what you're doing, and the potential consequences of. Such attention to detail shall surely result in quality output, and a richer, more secure personal life.

I like the idea of a VPN as a shielded network for sensitive matters such as voting, but who would host the VPN? It isn't hard to set up a VPN, but doing so from a personal computer doesn't seem like a logical choice, all things considered

Damn right it's not the logical choice. The logical choice for host is the same machine that's hosting the voting system - in order that the voting system itself can be made accessible without exposing it to "the internet". Existing infrastructure should feasibly support both roles with no noticable system impact. Points of failure would only be one, which is commonly bad - points of attack are also one, and this is really good for security, and why such measures are commonly used in "serious" settings where it's crucial to transport data without exposing it to the interwebs. Commonly the VPN would be run at or around the gateway in secured facilities but we're a little way away from such things and I'm only considering the box sat in Hetzner's DC(I think that's actually their hardware, too, not a colo). Though gaining access to the VPN realistically should be as simple as signing up.

With regards to IRC Hexchat is more than plenty, even telnet can work the demands such protocols place upon systems and or networks is incredibly minimal. There's ofc many more clients, and like yourself many will already have one installed. They exist on almost every platform(including IoT). There's addtionally(usually lame, and privacy invasive) various webclients available - deploying one more trustable in a page on this site taking the user there should be trivial to achieve. I expect hexchat to have a nice list of servers included - freenode should be amongst them - and no two networks are truely the same. It's all the same thing ultimately, text on a screen thrown around in conformance with RFC1459(which is considered robust enough for military field use) but as each are run by different people/groups/companies there are naturally different rules/policies/procedures and ofc, different users. I nominated freenode as it's a reasonably large network with multiple redundant nodes already in place so therefore not represent any significant outlay, not associated with any particularly nefarious behaviours that I am aware of so not represent or deliver a cost, it has policies and procedures that should not be problematic to our operations, and is currently used by a large number of open source projects - Including the people involved with 2/3'ds of the software currently running on this server - to host their support rooms. With regards to their current userbase, some may be a little trollish, others a little elitist - People are people, ultimately, and once you get near a few thousand of them the lesser appreciable traits exhibit more commonly - Something as contraverisal as Asgardia will attract the trolls like an ice-cream truck attracts paedophiles. There are steps we can take, the channel can be set for entry via registered users is common as it makes it easier to maintain blacklists, or a bot can simply evict/ban persistent non-asgardians, or anyone using TOR exit nodes, proxy servers associated with abuse, etc. There is however a lot of questions that place can get answered, especially in regards to forwarding the currently defined and future potential projects of this initative. When someone writes something that makes ngnix or PHP behave "oddly" then the people that wrote both are "next door". There's various "functionality lack" with IRC as it's an early 90's thing, and bandwidth was a premium back then(but still, 14,400k modem was good for a hundred rooms on a dozen servers) but some creative thinking lead to the composition of "bots"(and why many "botnets" still use IRC as C&C transport) - many of which hook into other projects API's and can extend functionality. From looking up searches in screwgle so you can use it's search capacity by proxy without it taking your pesronal data to checking sanity of the code on the other end of a link. A chatroom is a simple, yet powerful tool.

Mar 2, 17 16:13 UTC

I have an IRC channel setup under the freenode server, channel name #AsgardiaIT should anyone like to join.

Finishing touches are being put on the proposal now if anyone has anything to add to it before submission.

Mar 2, 17 16:13 UTC

I have an IRC channel setup under the freenode server, channel name #AsgardiaIT should anyone like to join.

Finishing touches are being put on the proposal now if anyone has anything to add to it before submission.

Mar 2, 17 17:18 UTC

Here is the final rough draft. I'll be emailing that tonight, after I get home from work, in about 10 hours from this posting time. All people that are listed are currently communicating through the Discord server that was posted earlier this week. Please add any comments or questions you have, and I'll take a look before sending off.

I created a fresh copy to clean up the document, and still allow a backup of discussion copy. The original is still available.

https://docs.google.com/document/d/1HuBAASFsm7w4vRGt58UUlgPUDMwJRZyZLGgExN5WhJQ/edit