Tiago Rodrigues Antao, RIPE NCC . RIPE 45, May 2003, Barcelona . http://www.ripe.net

Improved Secure Communication System for RIPE NCC Members

Outline

• Objectives
• Introduction to PKI
• Roadmap
• Current status
• Next steps

How do we interact now?

[Diagram: a RIPE NCC member interacting with the RIPE DB, the LIR portal, Rev DNS and e-mail ([email protected]). Labels on the diagram: "Very weak authentication, lack of confidentiality"; "Password authentication"; "Weak auth schemes with webupdates"; "Very weak authentication"; "Not Unified".]

Objectives

• Easy to use, faster interaction with RIPE NCC’s services
• Stronger unified security mechanisms
• Support for privilege/credentials management
• Low deployment and maintenance costs for users
• Optional for LIRs
• Supported by industry standards (X.509 PKI)

Roadmap

• Project presentation – RIPE 44
• LIR Portal, administrative system, infrastructure setup
• Database integration
• Registration Services

A PKI primer

• Infrastructure to support public key cryptography
• Fundamental problem: trusting the tie between a public key and a user. That is: this user says that his public key represents LIR zz.example; is this true?
• X.509 PKI-based solutions use a centralised approach: there is an entity that certifies that a certain tie is trustworthy – the Certificate Authority
• After obtaining a certificate, the user can use it to authenticate herself and pursue secure (authenticated, encrypted and non-repudiable) communications with the other party

A PKI primer – the NCC way

• RIPE NCC developed and operates a Certificate Authority

• Caveat: The certificates issued by the RIPE NCC are only to be trusted by the RIPE NCC. LIRs cannot use them to communicate with other parties, so …

• The PKI is used not for its certification merits, but as a standard, universally available technology mechanism for secure communication

Current implementation

• Infrastructure for the management of certificates by LIRs. This management can be done via the LIR Portal.

• First use case: Logging into the LIR Portal…
• … As an alternative to username/password pair
• … No benefits of unification are shown (still only one service)

Certificate management cycle

[Sequence diagram. Participants: LIR User, LIR Portal, Certificate Authority. Message labels, in order:]

• Request a certificate
• Send browser form
• Send public key
• Request certificate for key linked with LIR ID
• Certificate

RIPE NCC never sees the private key

Some time later the user wants to revoke the certificate…

• Revocation request
• Certificate is included in the Certificate Revocation List (CRL)
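
The cycle above, sketched as an added example with Python's `cryptography` package; it is not code from the presentation or from RIPE NCC. Assumptions: a PKCS#10 request carries the public key, keys are EC P-256, the CA name is constructed, and all function names are hypothetical.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

NOW = datetime.datetime.now(datetime.timezone.utc)
DAY = datetime.timedelta(days=1)
CA_KEY = ec.generate_private_key(ec.SECP256R1())  # constructed CA key

def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
CA_NAME = name("Example CA (constructed)")

def user_make_request(claimed_id):
    # LIR user: key pair generated locally; only the CSR (public key) is sent.
    key = ec.generate_private_key(ec.SECP256R1())
    csr = (x509.CertificateSigningRequestBuilder()
           .subject_name(name(claimed_id)).sign(key, hashes.SHA256()))
    return key, csr

def ca_issue(csr, session_lir_id):
    # CA: check proof of possession; subject is the session's LIR ID, not the CSR's.
    if not csr.is_signature_valid:
        raise ValueError("CSR not signed by the key it carries")
    return (x509.CertificateBuilder().subject_name(name(session_lir_id))
            .issuer_name(CA_NAME).public_key(csr.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(NOW).not_valid_after(NOW + 365 * DAY)
            .sign(CA_KEY, hashes.SHA256()))

def ca_publish_crl(revoked_serials):
    # CA: sign a CRL listing every revoked serial number.
    crl = (x509.CertificateRevocationListBuilder().issuer_name(CA_NAME)
           .last_update(NOW).next_update(NOW + DAY))
    for serial in revoked_serials:
        entry = x509.RevokedCertificateBuilder().serial_number(serial)
        crl = crl.add_revoked_certificate(entry.revocation_date(NOW).build())
    return crl.sign(CA_KEY, hashes.SHA256())

def portal_accepts(cert, crl):
    # Portal: CA signature on certificate and CRL, then revocation lookup.
    try:
        CA_KEY.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                   ec.ECDSA(cert.signature_hash_algorithm))
    except InvalidSignature:
        return False
    revoked = crl.get_revoked_certificate_by_serial_number(cert.serial_number)
    return crl.is_signature_valid(CA_KEY.public_key()) and revoked is None
```

The private key returned by `user_make_request` is never passed to the CA functions, and a certificate that verifies correctly is still refused once its serial number appears in a freshly signed CRL.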

LIR Portal use case

• When a user logs in, she can choose either to use a certificate or to log in with a username/password pair

What’s next

• Database integration
  – X.509 mail authentication
  – Webupdates X.509 client-side authentication
    • PGP is not in practice possible via the web, so:
    • X.509 authentication will be the strongest mechanism for webupdates
  – Single sign-on between LIR Portal and webupdates

Community involvement

• Draft document available: http://www.ripe.net/ripe/draft-documents/pki-20030429.html
  – Comments are requested
• After each milestone the project will be evaluated
  – Can take a different direction, or even stop completely
