I have an i-gotU GPS logger. Neat package decent performance. I want
to use it to log my paragliding flights.
International competitions don't accept the flight if there is not an
authentication record. Ideally the GPS unit itself will "sign" the
tracklog, but in practise this is often done by the downloading
program. This means that with some effort, the private key part of the
signing process can be reverse engineered from the binary. This
situation is stable for the past ten years or so.
To achieve the same situation for the i-gotU, the igotu2gpx program
will sign the track it downloads. The secret part of the signing
process will have to be in the distributed official binary, but not in
Anyway, the signature needs to go in the GPX file. I have seen the GPX
specs, and I think this should be possible in an extension
record. However, maybe gpsbabel already supports such a signature, so
then I'd like to be compatible with that extension.
So, is anybody aware of these authentication records surviving a
conversion by gpsbabel? Does anybody have an example of a GPX file
with an extension. (being unfamiliar with xml means I find it
difficult to interpret the "spec")
** R.E.Wolff@... ** http://www.BitWizard.nl/ ** +31-15-2600998 **
** Delftechpark 26 2628 XH Delft, The Netherlands. KVK: 27239233 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
Q: It doesn't work. A: Look buddy, doesn't work is an ambiguous statement.
Does it sit on the couch all day? Is it unemployed? Please be specific!
Define 'it' and what it isn't doing. --------- Adapted from lxrbot FAQ
From: Robert Lipe <robertlipe@gp...> - 2009-07-18 05:48:11
On Fri, Jul 10, 2009 at 1:31 AM, Rogier Wolff<R.E.Wolff@...> wrote:
> To achieve the same situation for the i-gotU, the igotu2gpx program
> will sign the track it downloads. The secret part of the signing
> process will have to be in the distributed official binary, but not in
> the sources.
That's a deal-breaker for GPSBabel and, indeed, any GPL'ed program.
A key part of the license we use says you have to distribute source;
the whole point is for people to be able to freely port and change the
code and you just can't do that with binary distributions.
> So, is anybody aware of these authentication records surviving a
> conversion by gpsbabel? Does anybody have an example of a GPX file
If they're in the GPX 1.1 <extension>, we'll try to not 'damage'
them, but we certainly don't create such records.
If you submitted a suitable patch that was open source and
convincingly created such signatures, I'd probably accept it, if only
to show my disdain for the concept that user-logged data can't be
faked because it's signed. :-)