1 <?xml version=
"1.0" encoding=
"ISO-8859-1"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries from June
2017</title>
5 <description>Entries from June
2017</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>Release
0.1.1 of free software archive system Nikita announced
</title>
11 <link>http://people.skolelinux.org/pere/blog/Release_0_1_1_of_free_software_archive_system_Nikita_announced.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Release_0_1_1_of_free_software_archive_system_Nikita_announced.html
</guid>
13 <pubDate>Sat,
10 Jun
2017 00:
40:
00 +
0200</pubDate>
14 <description><p
>I am very happy to report that the
15 <a href=
"https://github.com/hiOA-ABI/nikita-noark5-core
">Nikita Noark
5
16 core project
</a
> tagged its second release today. The free software
17 solution is an implementation of the Norwegian archive standard Noark
18 5 used by government offices in Norway. These were the changes in
19 version
0.1.1 since version
0.1.0 (from NEWS.md):
23 <li
>Continued work on the angularjs GUI, including document upload.
</li
>
24 <li
>Implemented correspondencepartPerson, correspondencepartUnit and
25 correspondencepartInternal
</li
>
26 <li
>Applied for coverity coverage and started submitting code on
27 regualr basis.
</li
>
28 <li
>Started fixing bugs reported by coverity
</li
>
29 <li
>Corrected and completed HATEOAS links to make sure entire API is
30 available via URLs in _links.
</li
>
31 <li
>Corrected all relation URLs to use trailing slash.
</li
>
32 <li
>Add initial support for storing data in ElasticSearch.
</li
>
33 <li
>Now able to receive and store uploaded files in the archive.
</li
>
34 <li
>Changed JSON output for object lists to have relations in _links.
</li
>
35 <li
>Improve JSON output for empty object lists.
</li
>
36 <li
>Now uses correct MIME type application/vnd.noark5-v4+json.
</li
>
37 <li
>Added support for docker container images.
</li
>
38 <li
>Added simple API browser implemented in JavaScript/Angular.
</li
>
39 <li
>Started on archive client implemented in JavaScript/Angular.
</li
>
40 <li
>Started on prototype to show the public mail journal.
</li
>
41 <li
>Improved performance by disabling Sprint FileWatcher.
</li
>
42 <li
>Added support for
'arkivskaper
',
'saksmappe
' and
'journalpost
'.
</li
>
43 <li
>Added support for some metadata codelists.
</li
>
44 <li
>Added support for Cross-origin resource sharing (CORS).
</li
>
45 <li
>Changed login method from Basic Auth to JSON Web Token (RFC
7519)
47 <li
>Added support for GET-ing ny-* URLs.
</li
>
48 <li
>Added support for modifying entities using PUT and eTag.
</li
>
49 <li
>Added support for returning XML output on request.
</li
>
50 <li
>Removed support for English field and class names, limiting ourself
51 to the official names.
</li
>
52 <li
>...
</li
>
56 <p
>If this sound interesting to you, please contact us on IRC (#nikita
57 on irc.freenode.net) or email
58 (
<a href=
"https://lists.nuug.no/mailman/listinfo/nikita-noark
">nikita-noark
59 mailing list).
</p
>
64 <title>Idea for storing trusted timestamps in a Noark
5 archive
</title>
65 <link>http://people.skolelinux.org/pere/blog/Idea_for_storing_trusted_timestamps_in_a_Noark_5_archive.html
</link>
66 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Idea_for_storing_trusted_timestamps_in_a_Noark_5_archive.html
</guid>
67 <pubDate>Wed,
7 Jun
2017 21:
40:
00 +
0200</pubDate>
68 <description><p
><em
>This is a copy of
69 <a href=
"https://lists.nuug.no/pipermail/nikita-noark/
2017-June/
000297.html
">an
70 email I posted to the nikita-noark mailing list
</a
>. Please follow up
71 there if you would like to discuss this topic. The background is that
72 we are making a free software archive system based on the Norwegian
73 <a href=
"https://www.arkivverket.no/forvaltning-og-utvikling/regelverk-og-standarder/noark-standarden
">Noark
74 5 standard
</a
> for government archives.
</em
></p
>
76 <p
>I
've been wondering a bit lately how trusted timestamps could be
78 <a href=
"https://en.wikipedia.org/wiki/Trusted_timestamping
">Trusted
79 timestamps
</a
> can be used to verify that some information
80 (document/file/checksum/metadata) have not been changed since a
81 specific time in the past. This is useful to verify the integrity of
82 the documents in the archive.
</p
>
84 <p
>Then it occured to me, perhaps the trusted timestamps could be
85 stored as dokument variants (ie dokumentobjekt referered to from
86 dokumentbeskrivelse) with the filename set to the hash it is
89 <p
>Given a
"dokumentbeskrivelse
" with an associated
"dokumentobjekt
",
90 a new dokumentobjekt is associated with
"dokumentbeskrivelse
" with the
91 same attributes as the stamped dokumentobjekt except these
96 <li
>format -
> "RFC3161
"
97 <li
>mimeType -
> "application/timestamp-reply
"
98 <li
>formatDetaljer -
> "&lt;source URL for timestamp service
&gt;
"
99 <li
>filenavn -
> "&lt;sjekksum
&gt;.tsr
"
103 <p
>This assume a service following
104 <a href=
"https://tools.ietf.org/html/rfc3161
">IETF RFC
3161</a
> is
105 used, which specifiy the given MIME type for replies and the .tsr file
106 ending for the content of such trusted timestamp. As far as I can
107 tell from the Noark
5 specifications, it is OK to have several
108 variants/renderings of a dokument attached to a given
109 dokumentbeskrivelse objekt. It might be stretching it a bit to make
110 some of these variants represent crypto-signatures useful for
111 verifying the document integrity instead of representing the dokument
114 <p
>Using the source of the service in formatDetaljer allow several
115 timestamping services to be used. This is useful to spread the risk
116 of key compromise over several organisations. It would only be a
117 problem to trust the timestamps if all of the organisations are
118 compromised.
</p
>
120 <p
>The following oneliner on Linux can be used to generate the tsr
121 file. $input is the path to the file to checksum, and $sha256 is the
122 SHA-
256 checksum of the file (ie the
"<sjekksum
>.tsr
" value mentioned
125 <p
><blockquote
><pre
>
126 openssl ts -query -data
"$inputfile
" -cert -sha256 -no_nonce \
127 | curl -s -H
"Content-Type: application/timestamp-query
" \
128 --data-binary
"@-
" http://zeitstempel.dfn.de
> $sha256.tsr
129 </pre
></blockquote
></p
>
131 <p
>To verify the timestamp, you first need to download the public key
132 of the trusted timestamp service, for example using this command:
</p
>
134 <p
><blockquote
><pre
>
135 wget -O ca-cert.txt \
136 https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
137 </pre
></blockquote
></p
>
139 <p
>Note, the public key should be stored alongside the timestamps in
140 the archive to make sure it is also available
100 years from now. It
141 is probably a good idea to standardise how and were to store such
142 public keys, to make it easier to find for those trying to verify
143 documents
100 or
1000 years from now. :)
</p
>
145 <p
>The verification itself is a simple openssl command:
</p
>
147 <p
><blockquote
><pre
>
148 openssl ts -verify -data $inputfile -in $sha256.tsr \
149 -CAfile ca-cert.txt -text
150 </pre
></blockquote
></p
>
152 <p
>Is there any reason this approach would not work? Is it somehow against
153 the Noark
5 specification?
</p
>
158 <title>Når nynorskoversettelsen svikter til eksamen...
</title>
159 <link>http://people.skolelinux.org/pere/blog/N_r_nynorskoversettelsen_svikter_til_eksamen___.html
</link>
160 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/N_r_nynorskoversettelsen_svikter_til_eksamen___.html
</guid>
161 <pubDate>Sat,
3 Jun
2017 08:
20:
00 +
0200</pubDate>
162 <description><p
><a href=
"http://www.aftenposten.no/norge/Krever-at-elever-ma-fa-annullert-eksamen-etter-rot-med-oppgavetekster-
622459b.html
">Aftenposten
163 melder i dag
</a
> om feil i eksamensoppgavene for eksamen i politikk og
164 menneskerettigheter, der teksten i bokmåls og nynorskutgaven ikke var
165 like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring
166 på om den fri oversetterløsningen
167 <a href=
"https://www.apertium.org/
">Apertium
</a
> ville gjort en bedre
168 jobb enn Utdanningsdirektoratet. Det kan se slik ut.
</p
>
170 <p
>Her er bokmålsoppgaven fra eksamenen:
</p
>
173 <p
>Drøft utfordringene knyttet til nasjonalstatenes og andre aktørers
174 rolle og muligheter til å håndtere internasjonale utfordringer, som
175 for eksempel flykningekrisen.
</p
>
177 <p
>Vedlegge er eksempler på tekster som kan gi relevante perspektiver
180 <li
>Flykningeregnskapet
2016, UNHCR og IDMC
181 <li
>«Grenseløst Europa for fall» A-Magasinet,
26. november
2015
186 <p
>Dette oversetter Apertium slik:
</p
>
189 <p
>Drøft utfordringane knytte til nasjonalstatane sine og rolla til
190 andre aktørar og høve til å handtera internasjonale utfordringar, som
191 til dømes *flykningekrisen.
</p
>
193 <p
>Vedleggja er døme på tekster som kan gje relevante perspektiv på
197 <li
>*Flykningeregnskapet
2016, *UNHCR og *IDMC
</li
>
198 <li
>«*Grenseløst Europa for fall» A-Magasinet,
26. november
2015</li
>
203 <p
>Ord som ikke ble forstått er markert med stjerne (*), og trenger
204 ekstra språksjekk. Men ingen ord er forsvunnet, slik det var i
205 oppgaven elevene fikk presentert på eksamen. Jeg mistenker dog at
206 "andre aktørers rolle og muligheter til ...
" burde vært oversatt til
207 "rolla til andre aktørar og deira høve til ...
" eller noe slikt, men
208 det er kanskje flisespikking. Det understreker vel bare at det alltid
209 trengs korrekturlesning etter automatisk oversettelse.
</p
>
projects / homepage.git / blob