[ca-tf] CA-TF meeting minutes, 5 May 2008

Certification Task Force Meeting Minutes
5 May 2008
Palace Hotel, Berlin

Andrew de la Haye outlined the purpose of this meeting, which is to  
discuss the presentations being made to the community at this RIPE  
Meeting.

Andrew outlined the initial presentation, which will be delivered by  
Nigel Titley on behalf of the Task Force. This is largely the same as  
the presentation given at the last Task Force meeting, and includes  
slides on the drivers for certification, the "added value" offered by  
certification and a summary of the Task Force's activities to date.

Trudy Prins of the RIPE NCC then discussed the presentation that she  
and Oleg Muravskiy will give to the plenary. This includes the  
messages that:
  - A certificate is not the trust anchor, the registry is
  - Certification is all about allocations, with the certificate  
simply a representation of an allocation

The presentation will also outline the recursive RPKI engine model  
under which certification will operate. Andrew noted that the slides  
on this model were inserted after the last TF meeting, which  
highlighted the need to clarify this idea, particularly the recursive  
aspect.

Oleg outlined his section of the presentation, which includes  
discussion of automated provisioning, and ROAs (Route Origination  
Authorisations) and how they are related to certificates. His  
presentation will also include a demonstration of the user interface.

Robert Kisteleki noted that when generating an ROA there is a lot  
going on in the background, and maybe there should be a slide to  
reflect this. He also felt that it is important to note that the  
information in the demo is not part of the actual RIPE Database.  
Trudy agreed, though noted that the RIPE NCC aims to have information  
in the real database in the next few weeks. She also felt that we  
should give an idea of what is expected of people who wish to be  
involved in the next stage of testing. Her presentation will also  
include a timeline for the testing from RIPE 56 (May) to RIPE 57  
(October). She noted that the NCC will provide three regular updates  
to the test group (and the Task Force), which will include  
explanatory webcasts. For RIPE 57 the RIPE NCC hopes to have a  
production release, though possibly it will be a beta release.

Trudy noted that the presentation does not currently touch on the  
transfer issue, but that the presentation will hopefully be enough to  
get people interested and involved.

Gert noted that the plenary presentation should also direct people to  
the Routing and AP Working Groups, where there are related policy  
proposals being discussed at this meeting. Daniel agreed, and noted  
that there should be a couple of points in the presentation for  
prospective testers discussing what's in it for the testers and for  
the RIPE NCC. He also suggested including an estimate of the time  
involved on the tester's part (x hours to learn the system, and  
possibly then y hours to provide useful feedback).

Andrew suggested that the presentation include a note that automated  
provisioning is a first step, and that further services will be  
rolled out, including transfer possibilities.

Ruediger felt that a road map with some keywords would be useful in  
convincing people to participate, and asked what means of  
communication will be used for circulating feedback. Trudy noted that  
the mailing list and webcast will be the main communication channels.

Andrew thanked the participants and noted that the presentation will  
be circulated to the TF by the end of Monday so that everyone will be  
aware of what is being presented.