[ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Previous message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Next message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Piotr Strzyzewski
Piotr.Strzyzewski at polsl.pl
Wed Dec 4 21:42:33 CET 2013
On Wed, Dec 04, 2013 at 12:57:26PM +0100, Alex Band wrote: > In our RIPE NCC Access authentication system, we offer the ability to > log in using an X.509 identity certificate instead of a username and > password. This functionality was transferred from the legacy > authentication system we used to have, without evaluating the value of > this feature at the time. > > Since then, we have encountered several implementation, user interface > and support issues surrounding this feature, while it is used by less > than 0.7% of the users with a RIPE NCC Access account. Most > importantly, the functionality does not actually offer any additional > security. This is something that is provided by true two-factor > authentication. > > We would like to propose to put this functionality in maintenance > mode, meaning that it would be provided as it is without a service > guarantee. Alternatively, it could be removed altogether. This would > free us of a maintenance and support burden, meaning that we can spend > these resources on other valuable services. Ok for me. > If the membership approves, the RIPE NCC could investigate ways to > implement true two-factor authentication for RIPE NCC Access. I'm glad to hear that. Piotr -- gucio -> Piotr Strzyżewski E-mail: Piotr.Strzyzewski at polsl.pl
- Previous message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
- Next message (by thread): [ncc-services-wg] Authentication Proposal for RIPE NCC Access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]