RIPE Database and Security Joachim Schmitz (JS395-RIPE) 22./23. May 1997

---

Need for Security? Yes

• there is some history (maintainer etc)
• "active" security
  • maintainer
  • hierarchical authorisation
• "passive" security
  • RIPE AUP
  • restricted read access

---

Enough? No

• awareness
• possible "incidents"
• improvements to security

---

Issues

• strong authentication
  • inventory: PGP, MD5, PEM, alternatives
  • PGP implementation http://www.ra .net/RADB.tools.docs/pgp.html PGP licensing http://www.ascom.ch/Web/systec/policy/normal/policy.html
  • user platforms
  • key signing
  • ...
• distributed database
  • security mechanisms
  • integrity and consistency
• ...

---

Progress "task force"

• collect information
• define projects

---

The task force started working after the 27th RIPE meeting and will come up with suggestions and projects at one of the next RIPE meetings