Feb 23, 17 / Pis 26, 01 18:02 UTC

Re: Proposal - ACIT - Asgardia Civic IT  

If it is going to be used in a governmental network the security protections can not be trivial. I really think that Asgardia should have its own network off the internet. But since it will not be so, at least ask yourself when to implement a security system; Is the Pentagon using this? What are they using?

Feb 25, 17 / Ari 00, 01 14:34 UTC

I really think that Asgardia should have its own network off the internet.

Again, as previously mentioned, VPN.

Generally places like the pentagon don't get accessed from "outside" but will be using VPN, to be able to access across wide areas without exposing services to "the internet" - for all intents and purposes it's presented as a local connection, and it's journey through the internet shielded - and auth further to the system this allows access to will be via most likely PCKS-11 embedded into "smartcards" in their ID cards. Lacking ID cards, card readers etc. I'd suggested X.509 as that's pretty much the same thing, or more accurately displays the same features required and is also currently deployed in roles of equal importance.

  Updated  on Feb 25, 17 / Ari 00, 01 14:35 UTC, Total number of edits: 1 time
Reason: typo

Feb 27, 17 / Ari 02, 01 19:05 UTC

My apologies for not getting back to this post sooner. Life can take evaporate a few days before we realize it. I've added a couple things to the google docs. Let me now how each feels and I'll clean up the proposal for a rough draft, then send that off to 'Official' for review.

Feb 28, 17 / Ari 03, 01 09:28 UTC

G'day to you all, and my deepest apologies for being over two weeks absent. Life's had much in store for me, but I can finally get back to my work with Asgardia.

So; I'm gonna take a while to read all the posts made and get back to the doc, feel free to bring me back to the loop.

-S

  Last edited by:  Aleksi Laakkonen (Asgardian)  on Feb 28, 17 / Ari 03, 01 09:57 UTC, Total number of edits: 1 time

Mar 1, 17 / Ari 04, 01 13:22 UTC

Welcome back Leomarquie and Speakee.

Mar 1, 17 / Ari 04, 01 13:39 UTC

I like the idea of a VPN as a shielded network for sensitive matters such as voting, but who would host the VPN? It isn't hard to set up a VPN, but doing so from a personal computer doesn't seem like a logical choice, all things considered. It presents multiple points of failure and security issues. And in regards to the IRC that was recommended, I have hexchat on my system, but we need a specified network to list the Channel in, are any of the networks better than the others, or are they all pretty much the same? I am new to using IRC so I am not exactly an expert on the subject. Discord was also proposed, so I have a Discord channel setup should anyone feel they would like to use it in the meantime. https://discord.gg/Zsmz5N7

  Last edited by:  Paul Miller (Asgardian)  on Mar 1, 17 / Ari 04, 01 13:42 UTC, Total number of edits: 1 time
Reason: Added Information

Mar 1, 17 / Ari 04, 01 15:58 UTC

I like the idea of vpn as well, but it'd be better to have a server on the other end. You can setup for better performance and security. I'll check out discord channel to start communicating there. It'd be good to have a better means of communications.

Mar 2, 17 / Ari 05, 01 14:10 UTC

I really think that Asgardia should have its own network off the internet.

Mar 2, 17 / Ari 05, 01 14:11 UTC

I really think that Asgardia should have its own network off the internet.

Mar 2, 17 / Ari 05, 01 15:46 UTC

I like the idea of vpn as well, but it'd be better to have a server on the other end.

There's another way?

I'll check out discord channel to start communicating there.

Discord? You people really do spend a lot of time thinking about what you're doing, and the potential consequences of. Such attention to detail shall surely result in quality output, and a richer, more secure personal life.

I like the idea of a VPN as a shielded network for sensitive matters such as voting, but who would host the VPN? It isn't hard to set up a VPN, but doing so from a personal computer doesn't seem like a logical choice, all things considered

Damn right it's not the logical choice. The logical choice for host is the same machine that's hosting the voting system - in order that the voting system itself can be made accessible without exposing it to "the internet". Existing infrastructure should feasibly support both roles with no noticable system impact. Points of failure would only be one, which is commonly bad - points of attack are also one, and this is really good for security, and why such measures are commonly used in "serious" settings where it's crucial to transport data without exposing it to the interwebs. Commonly the VPN would be run at or around the gateway in secured facilities but we're a little way away from such things and I'm only considering the box sat in Hetzner's DC(I think that's actually their hardware, too, not a colo). Though gaining access to the VPN realistically should be as simple as signing up.

With regards to IRC Hexchat is more than plenty, even telnet can work the demands such protocols place upon systems and or networks is incredibly minimal. There's ofc many more clients, and like yourself many will already have one installed. They exist on almost every platform(including IoT). There's addtionally(usually lame, and privacy invasive) various webclients available - deploying one more trustable in a page on this site taking the user there should be trivial to achieve. I expect hexchat to have a nice list of servers included - freenode should be amongst them - and no two networks are truely the same. It's all the same thing ultimately, text on a screen thrown around in conformance with RFC1459(which is considered robust enough for military field use) but as each are run by different people/groups/companies there are naturally different rules/policies/procedures and ofc, different users. I nominated freenode as it's a reasonably large network with multiple redundant nodes already in place so therefore not represent any significant outlay, not associated with any particularly nefarious behaviours that I am aware of so not represent or deliver a cost, it has policies and procedures that should not be problematic to our operations, and is currently used by a large number of open source projects - Including the people involved with 2/3'ds of the software currently running on this server - to host their support rooms. With regards to their current userbase, some may be a little trollish, others a little elitist - People are people, ultimately, and once you get near a few thousand of them the lesser appreciable traits exhibit more commonly - Something as contraverisal as Asgardia will attract the trolls like an ice-cream truck attracts paedophiles. There are steps we can take, the channel can be set for entry via registered users is common as it makes it easier to maintain blacklists, or a bot can simply evict/ban persistent non-asgardians, or anyone using TOR exit nodes, proxy servers associated with abuse, etc. There is however a lot of questions that place can get answered, especially in regards to forwarding the currently defined and future potential projects of this initative. When someone writes something that makes ngnix or PHP behave "oddly" then the people that wrote both are "next door". There's various "functionality lack" with IRC as it's an early 90's thing, and bandwidth was a premium back then(but still, 14,400k modem was good for a hundred rooms on a dozen servers) but some creative thinking lead to the composition of "bots"(and why many "botnets" still use IRC as C&C transport) - many of which hook into other projects API's and can extend functionality. From looking up searches in screwgle so you can use it's search capacity by proxy without it taking your pesronal data to checking sanity of the code on the other end of a link. A chatroom is a simple, yet powerful tool.

Mar 2, 17 / Ari 05, 01 16:13 UTC

I have an IRC channel setup under the freenode server, channel name #AsgardiaIT should anyone like to join.

Finishing touches are being put on the proposal now if anyone has anything to add to it before submission.

Mar 2, 17 / Ari 05, 01 16:13 UTC

I have an IRC channel setup under the freenode server, channel name #AsgardiaIT should anyone like to join.

Finishing touches are being put on the proposal now if anyone has anything to add to it before submission.

Mar 2, 17 / Ari 05, 01 17:18 UTC

Here is the final rough draft. I'll be emailing that tonight, after I get home from work, in about 10 hours from this posting time. All people that are listed are currently communicating through the Discord server that was posted earlier this week. Please add any comments or questions you have, and I'll take a look before sending off.

I created a fresh copy to clean up the document, and still allow a backup of discussion copy. The original is still available.

https://docs.google.com/document/d/1HuBAASFsm7w4vRGt58UUlgPUDMwJRZyZLGgExN5WhJQ/edit

Mar 2, 17 / Ari 05, 01 19:52 UTC

in the approach, point 2 mentions setup of discord server.

This is seemingly random in the context of the rest of the document. If anything more "advanced" than IRC is actually required, then I'd personally suggest to more sanely consider the likes of XMPP. As well as being open source, thorughly tested though tens of billions of hours of collective use, it's also ships OOTB trustable.

Mar 3, 17 / Ari 06, 01 09:49 UTC

Currently Discord is only being used as a simplified communication platform to allow for early deliberations until we get approval on the proposal, at which point serious deliberations regarding starting projects, a permanent communication and projects platform, among other issues will take place.