Tiago Rodrigues Antao. RIPE 45, May 2003, Barcelona. http://www.ripe.net
Improved Secure Communication System for RIPE NCC Members
Tiago Rodrigues Antao
RIPE NCC
Outline
• Objectives
• Introduction to PKI
• Roadmap
• Current status
• Next steps
How do we interact now?
Diagram: the RIPE NCC member interacts separately with the RIPE DB, the LIR Portal and Rev DNS. Annotations on the diagram:
• Very weak authentication, lack of confidentiality
• Password authentication
• Weak auth schemes with webupdates
• Very weak authentication
• Not unified
Objectives
• Easy to use, faster interaction with RIPE NCC’s services
• Stronger unified security mechanisms
• Support for privilege/credentials management
• Low deployment and maintenance costs for users
• Optional for LIRs
• Supported by industry standards (X.509 PKI)
Roadmap
• Project presentation – RIPE 44
• LIR Portal, administrative system, infrastructure setup
• Database integration
• Registration Services
A PKI primer
• Infrastructure to support public key cryptography
• Fundamental problem: trusting the binding between a public key and a user. That is: this user says that his public key represents LIR zz.example; is this true?
• X.509 PKI based solutions use a centralised approach: there is an entity that certifies that a certain binding is trustworthy – the Certificate Authority
• After obtaining a certificate, the user can use it to authenticate herself and pursue secure (authenticated, encrypted and non-repudiable) communications with the other party
A PKI primer – the NCC way
• RIPE NCC developed and operates a Certificate Authority
• Caveat: The certificates issued by the RIPE NCC are only to be trusted by the RIPE NCC. LIRs cannot use them to communicate with other parties, so …
• The PKI is used not for its certification merits, but as a standard, universally available technology mechanism for secure communication
Current implementation
• Infrastructure for the management of certificates by LIRs. This management can be done via the LIR Portal.
• First use case: logging into the LIR Portal…
• … as an alternative to the username/password pair
• … no benefits of unification are shown yet (still only one service)
Certificate management cycle
Sequence diagram with three participants: LIR User, Certificate Authority, LIR Portal.
• LIR User → LIR Portal: Request a certificate
• LIR Portal → LIR User: Send browser form
• LIR User → LIR Portal: Send public key
• LIR Portal → Certificate Authority: Request certificate for key linked with LIR ID
• Certificate is returned (Certificate Authority → LIR Portal → LIR User)
• RIPE NCC never sees the private key
• Some time later the user wants to revoke the certificate…
• Revocation request
• Certificate is included in the Certificate Revocation List (CRL)
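The primer and the cycle above describe one protocol: a key pair is generated on the LIR user's side, only the public key travels to the RIPE NCC, the CA binds that key to the LIR ID, relying services trust nothing but the NCC root, and revocation is published through a CRL. The Go program below is an added example, not code from the presentation or from the RIPE NCC. It uses only the standard library and makes several assumptions that the slides do not state: a single self-signed root, ECDSA P-256 keys, the LIR ID carried in the certificate's Common Name, the proof of possession being the CSR's own signature, and the constructed names CertAuthority, RequestCertificate, Issue, CRL and Accept. The CA names in the comments are likewise constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CertAuthority stands in for the CA the RIPE NCC operates (assumption: one self-signed root).
type CertAuthority struct {
	key     *ecdsa.PrivateKey
	Cert    *x509.Certificate
	serial  int64
	revoked []pkix.RevokedCertificate
}

func sign(tmpl, parent *x509.Certificate, pub any, priv *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func NewCertAuthority(name string) (*CertAuthority, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour), IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	cert, err := sign(tmpl, tmpl, &key.PublicKey, key)
	return &CertAuthority{key: key, Cert: cert, serial: 1}, err
}

// RequestCertificate is the user's side of "send public key": only a CSR, self-signed as proof of possession, leaves.
func RequestCertificate(lirID string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stays in the user's keystore, never sent
	if err != nil {
		return nil, err
	}
	return x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: lirID}}, key)
}

// Issue is the CA's side of "request certificate for key linked with LIR ID": verify the CSR
// signature, then bind the key to the LIR ID the portal session vouches for, not to the CSR's own name.
func (ca *CertAuthority) Issue(csrDER []byte, lirID string) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err == nil {
		err = csr.CheckSignature()
	}
	if err != nil {
		return nil, fmt.Errorf("rejecting CSR: %w", err)
	}
	ca.serial++
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(ca.serial), Subject: pkix.Name{CommonName: lirID},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	return sign(tmpl, ca.Cert, csr.PublicKey, ca.key)
}

// CRL adds any given certificates to the revocation list, then signs the whole list.
func (ca *CertAuthority) CRL(revoke ...*x509.Certificate) ([]byte, error) {
	for _, c := range revoke {
		ca.revoked = append(ca.revoked, pkix.RevokedCertificate{SerialNumber: c.SerialNumber, RevocationTime: time.Now()})
	}
	return x509.CreateRevocationList(rand.Reader, &x509.RevocationList{Number: big.NewInt(time.Now().UnixNano()),
		ThisUpdate: time.Now(), NextUpdate: time.Now().Add(time.Hour), RevokedCertificates: ca.revoked}, ca.Cert, ca.key)
}

// Accept is a relying service's login check: chain to its own root, require client auth, consult that root's CRL.
func Accept(cert, root *x509.Certificate, crlDER []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}); err != nil {
		return err
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err == nil {
		err = crl.CheckSignatureFrom(root) // a CRL signed by anyone else is ignored
	}
	if err != nil {
		return fmt.Errorf("unusable CRL: %w", err)
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return fmt.Errorf("certificate %v is revoked", cert.SerialNumber)
		}
	}
	return nil
}
```

Run through in order, NewCertAuthority, RequestCertificate, Issue, CRL and Accept reproduce the slide: Accept succeeds against the NCC root and a fresh CRL, fails against any other root (the caveat that only the RIPE NCC trusts these certificates), ignores a CRL that the NCC root did not sign, and fails once the serial appears in a CRL returned by CRL(cert). Issue rejects a CSR whose signature does not verify, which is how the CA knows the requester actually holds the private key it never sees.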
LIR Portal use case
• When a user logs in, she can choose either to use a certificate or to log in with a username/password pair
What’s next
• Database integration
– X.509 mail authentication
– Webupdates X.509 client-side authentication
• PGP is not in practice possible via the web, so:
• X.509 authentication will be the strongest mechanism for webupdates
– Single sign-on between LIR Portal and webupdates
Community involvement
• Draft document available: http://www.ripe.net/ripe/draft-documents/pki-20030429.html
– Comments are requested
• After each milestone the project will be evaluated
– Can take a different direction, or even stop completely