Improved Secure Communication System for RIPE NCC Members

1
Improved Secure Communication System for RIPE NCC Members
  • Tiago Rodrigues Antao
  • RIPE NCC
  • tiago_at_ripe.net

2
Outline
  • Objectives
  • Introduction to PKI
  • Roadmap
  • Current status
  • Next steps

3
How do we interact now?
[Diagram: a RIPE NCC member interacting with hostmaster_at_ripe.net, Rev DNS, the LIR portal and the RIPE DB. Annotations: "Very weak authentication, lack of confidentiality"; "Very weak authentication"; "Password authentication"; "Weak auth schemes with webupdates"; "Not Unified".]

4
Objectives
  • Easy to use, faster interaction with RIPE NCC's
    services
  • Stronger unified security mechanisms
  • Support for privilege/credentials management
  • Low deployment and maintenance costs for users
  • Optional for LIRs
  • Supported by industry standards (X.509 PKI)

5
Roadmap
  • Project presentation RIPE 44
  • LIR Portal, administrative system,
    infrastructure setup
  • Database integration
  • Registration Services

6
A PKI primer
  • Infrastructure to support public key cryptography
  • Fundamental problem: trusting the tie between a
    public key and a user. That is: "This user says
    that his public key represents LIR zz.example,
    is this true?"
  • X.509 PKI-based solutions use a centralised
    approach: there is an entity that certifies that
    a certain tie is trustworthy, the Certificate
    Authority
  • After having a certificate, the user can use it
    to authenticate herself and pursue secure
    (authenticated, encrypted and non-repudiable)
    communications with the other party

7
A PKI primer: the NCC way
  • RIPE NCC developed and operates a Certificate
    Authority
  • Caveat: the certificates issued by the RIPE NCC
    are only to be trusted by the RIPE NCC. LIRs
    cannot use them to communicate with other
    parties, so
  • The PKI is used not for its certification merits,
    but as a standard, universally available
    technology mechanism for secure communication

8
Current implementation
  • Infrastructure for the management of certificates
    by LIRs. This management can be done via the LIR
    Portal.
  • First use case: logging into the LIR Portal
  • As an alternative to username/password pair
  • No benefits of unification are shown (still
    only one service)

9
Certificate management cycle
[Diagram: certificate management cycle between the LIR User, the LIR Portal and the Certificate Authority. Labels:]
  • Request a certificate
  • Send browser form
  • Send public key
  • Request certificate for key linked with LIR ID
  • Certificate
  • RIPE NCC never sees the private key
  • Some time later the user wants to revoke the
    certificate
  • Revocation request
  • Certificate is included in the Certificate
    Revocation List (CRL)

10
LIR Portal use case
  • When a user logs in, she can choose either to use
    a certificate or login with a username/password
    pair
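
The issuance and certificate login steps from the two slides above, as an added Go example (not part of the original presentation and not RIPE NCC's code). It assumes ECDSA P-256 keys, the LIR ID carried in the subject common name and constructed names; `must`, `newKey`, `issue` and `login` are hypothetical helpers. Proof of possession of the private key (normally done by the TLS handshake) and the CRL check are left out.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // setup failure in this demo
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// issue is the CA step: it is handed only a public key and binds it to the LIR ID (subject CN).
func issue(lirID string, serial int64, pub *ecdsa.PublicKey, parent *x509.Certificate, caKey *ecdsa.PrivateKey) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: lirID},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if parent == nil { // no parent: create a self-signed CA certificate instead
		t.IsCA, t.KeyUsage, t.ExtKeyUsage, parent = true, x509.KeyUsageCertSign, nil, t
	}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, parent, pub, caKey))))
}

// login is the portal-side check: the private CA is the only trust anchor, never the system roots.
func login(ca, cert *x509.Certificate) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("login refused: %w", err)
	}
	return cert.Subject.CommonName, nil
}

func main() {
	caKey, userKey := newKey(), newKey() // the user's key pair is generated by, and stays with, the user
	ca := issue("constructed private CA", 1, &caKey.PublicKey, nil, caKey)
	fmt.Println(login(ca, issue("zz.example", 2, &userKey.PublicKey, ca, caKey)))    // accepted as zz.example
	fmt.Println(login(ca, issue("zz.example", 3, &userKey.PublicKey, nil, userKey))) // self-signed claim: refused
}
```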

11
What's next
  • Database integration
  • X.509 mail authentication
  • Webupdates X.509 client-side authentication
  • PGP is not in practice possible via the web, so
  • X.509 authentication will be the strongest
    mechanism for webupdates
  • Single sign-on between LIR Portal and webupdates

12
Community involvement
  • Draft document available
  • http://www.ripe.net/ripe/draft-documents/pki-20030429.html
  • Comments are requested
  • After each milestone the project will be
    evaluated
  • Can take a different direction, or even stop
    completely

13
tiago_at_ripe.net