This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-services-wg@ripe.net/
[ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Previous message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Next message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Piotr Strzyzewski
Piotr.Strzyzewski at polsl.pl
Wed Dec 4 21:42:33 CET 2013
On Wed, Dec 04, 2013 at 12:57:26PM +0100, Alex Band wrote: > In our RIPE NCC Access authentication system, we offer the ability to > log in using an X.509 identity certificate instead of a username and > password. This functionality was transferred from the legacy > authentication system we used to have, without evaluating the value of > this feature at the time. > > Since then, we have encountered several implementation, user interface > and support issues surrounding this feature, while it is used by less > than 0.7% of the users with a RIPE NCC Access account. Most > importantly, the functionality does not actually offer any additional > security. This is something that is provided by true two-factor > authentication. > > We would like to propose to put this functionality in maintenance > mode, meaning that it would be provided as it is without a service > guarantee. Alternatively, it could be removed altogether. This would > free us of a maintenance and support burden, meaning that we can spend > these resources on other valuable services. Ok for me. > If the membership approves, the RIPE NCC could investigate ways to > implement true two-factor authentication for RIPE NCC Access. I'm glad to hear that. Piotr -- gucio -> Piotr Strzyżewski E-mail: Piotr.Strzyzewski at polsl.pl
- Previous message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Next message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]