[ca-tf] RIPE Certification Task Force meeting minutes
Henk Uijterwaal henk at ripe.net
Wed Nov 7 17:24:42 CET 2007
Hi Ronald, (Distribution list reduced.) > By the end of the year we need to deliver a document to SURFnet. I'd be very interested to see this document, as from the outline it seems that it addresses questions more people have. > I expect that it will contain the following items: > - what is this all about I gave a talk at UKNOF in September, www.uknof.co.uk, this has some slides on why you want to do this. I'm currently updating the slides for a similar talk @ MENOG in 2 weeks time. Slides of that will be on the RIPE website. > - what is the current implementation status Prototypes and plans. > - how can the SURFnet NOC use the verification possibilities Most likely this will be put into your routers. A prefix is announced to you with a cert, the router verifies the cert, if the cert is valid, it can be put in the RIB or FIB. > - what does resource certificates mean for SURFnet as a LIR In short: it should be able to store certificates, verify them and generate certificates for sub-allocations that it gives to its customers. To do this, they'll have to set up their own CA. This can be outsourced, we are already expecting that the RIPE'll have to set up a mechanism where we can run a CA for most LIRs. > It would be nice if we could play with some prototype to see how > all of this will work in real life. > > We noticed > http://ca-trial.ripe.net/~caservice/server.cgi > is currently down. Yes, and I don't think it will tell you much: you can generate a cert and verify it, but you cannot use it for any application yet (as the apps haven't been developed). > > At an IETF SIDR meeting I wrote down this URL: > http://mirin.apnic.net/resourcecerts/ > But I don't understand if the wiki is kept up to date or not. It is. Feel free to call me some time if you want more details. Henk -- ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Is one of the choices leaving the office open? Alan Greenspan on the next elections
[ Ca-tf Archive ]
