51. Q. Why do I need an identity certificate to prove my identity?
A. You don’t need a certificate to prove your identity. That’s not how the identity certificate is used in the TrustedQSL process. The identity certificate is created so others can use it to verify that a tQSL that says it is from your station is authentic.
53. Q. Why does the CA send me a copy of the identity certificate if I don’t need to use it?
A. For convenience and on general principles, it is after all your public key and your information. Standard practice has the sender include a copy of all the certificates in his “chain of trust” along with his tQSLs. This is a courtesy to the recipient and expedites authentication. An alternative approach would be for the CA to keep your certificate, publish it in the CA’s online directory and have the recipient of your tQSLs look up your certificate online.
55. Q. What else can I do with a copy of my identity certificate?
A. You can save your identity certificate along with your private key in a standard portable format (PKCS#12). The PKCS#12 file can be read by a variety of standard applications such as e-mail programs and Internet browsers. This will allow using your private key to sign e-mail messages that you exchange with other amateurs. And other amateurs can authenticate e-mail claiming to be from you as coming from the real WA1XYZ.
57. Q. Who will accept my identity certificate?
A. TrustedQSL’s goal is for your identity certificate to be accepted by other hams and by award sponsors. The broader, non-amateur radio community who have chains of trust originating in commercial CAs or national PTTs are unlikely to accept an identity certificate for WA1XYZ as being trustworthy.
59. Q. Why should I bother to digitally sign tQSLs
A. In the Spirit of Ham Radio one signs tQSLs so that your fellow hams can receive award credit for contacts they’ve made with you. Signing your tQSLs permits those who do care about such things, award sponsors being the prime example, to authenticate that the WA1XYZ tQSLs received from an unauthenticated intermediary did indeed originate with you, the real WA1XYZ and not some impostor.
61. Q. Who’s an “unauthenticated intermediary?”
A. It can be any third party. Digital signatures permit the paradigm to shift away from security and authentication via records kept on central servers towards individual documents that can be authenticated. Just as with traditional paper QSLs, third parties are free to handle, store and forward tQSLs. It is of no concern through which hands, such as logbook servers, a tQSL may have passed prior to its being presented to an award sponsor.
63. Q. Can paper QSL cards have a digital signature?
A. Yes. It can be done with a bar code printed on the card. The information on the paper card can then be authenticated just like a tQSL.