[ncc-services-wg] Authentication Proposal for RIPE NCC Access

Hi,

Not using it, so I won't miss it.
Two factor auth is on the right direction, so I support it.

Regards,
George




On Wed, Dec 4, 2013 at 1:57 PM, Alex Band <alexb at ripe.net> wrote:

> Dear colleagues,
>
> In our RIPE NCC Access authentication system, we offer the ability to log
> in using an X.509 identity certificate instead of a username and password.
> This functionality was transferred from the legacy authentication system we
> used to have, without evaluating the value of this feature at the time.
>
> Since then, we have encountered several implementation, user interface and
> support issues surrounding this feature, while it is used by less than 0.7%
> of the users with a RIPE NCC Access account. Most importantly, the
> functionality does not actually offer any additional security. This is
> something that is provided by true two-factor authentication.
>
> We would like to propose to put this functionality in maintenance mode,
> meaning that it would be provided as it is without a service guarantee.
> Alternatively, it could be removed altogether. This would free us of a
> maintenance and support burden, meaning that we can spend these resources
> on other valuable services.
>
> If the membership approves, the RIPE NCC could investigate ways to
> implement true two-factor authentication for RIPE NCC Access.
>
> We look forward to hearing your feedback.
>
> Kind regards,
>
> Alex Band
> Product Manager
> RIPE NCC
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/ncc-services-wg/attachments/20131204/1b92f1a1/attachment.html>