NOCALL issue

[Weston Bustraan]

Ok, everyone.

So it seems I was caught aware of a particular behavior of the APRS-IS network. In particular, that even for non-authenticated users, it only allows a unique user to connect. So, if everyone is connecting as NOCALL, then it will bump people off. Thanks to Lynn for clueing me in to this; I'm not sure how I would have known this otherwise.

So, while I sort out how to handle entering an unlicensed callsign in the UI specifically for APRS-IS connections, it seems like the obvious solution is to dole out some real licenses so that everyone can simply use their own callsign.

Here's how this works:

1. Head out to https://www.w8wjb.com/wp/product/qth-app-license/
2. Add the license to your cart and check out
3. Use the coupon code 'BETAFEB2021' and it should discount the license 100% and make it free. If it doesn't, please let me know. My wife tested it with a coupon code that dropped it down to $0.01 just to test out the PayPal integration.
4. Then I have to do my part. I have to match the details you entered with your record in QRZ or HamQTH for verification.
5. You should get a notification in your email and be able to download the license once that's done.
6. You'll be downloading a .pfx file. I will probably have to change the extension to something else because, when watching my wife do it, her natural tendency is to double click it and macOS wants to import it straight into the Keychain. While importing the certificate this way does, for the most part, work perfectly fine, you do get an authentication prompt when you renew the license because it doesn't automatically grant permissions to QTH like it does when QTH does the import.
7. The Help docs contains instructions on how to import the license, with screenshots
8. Once the license has been imported, you will then be able to select your callsign in the popup menu in Station preferences.

Some background on why I'm doing it this way:

What I'm calling a "license" is actually a X.509 certificate and its corresponding private key. The certificate itself is signed by the QTH Certificate Authority. Your callsign is incorporated into the certificate's subject using the same object identifier that the LoTW certs use.

There has been a discussion on the APRSSIG about switching to SSL certificates to authenticate to APRS-IS, rather than the insecure passcode. The catch with using certificates is that you need to validate the certificate holder. Right now, only LotW is available as an option, and that's tough for non-US hams to use. My goal is to make the QTH CA as another, trusted option. A purchase allows us to match a billing address with the registered callsign for positive identification. And, of course, generates a small income for me and my family.

Of course, that's just my plan and the APRS-IS server owners might nix the idea, But even then, the certificate still serves as decent "copy protection"; you're free to install it on as many computers as you want, but you're naturally discouraged from passing it to others because it contains your details.

- Wes, W8WJB