On 25.05.23 16:45, Andreas Grabmüller | QuarIT GmbH wrote:

I’ve got a question about this (as I honestly don’t know). Do people care about “secure”? [...] is RIPE a school that offers some state approved certificates or something? If not, why do we need tests at all and especially some testing methology that can be so privacy invasive?

I think it benefits us all to offer learning opportunities to everyone (not just members) [...]

While I need to do a RIPE SSO login to take a *course*, the RIPE Academy apparently doesn't care much who (else) might be sitting in front of the monitor etc., so the *learning* part is rather free of security concerns. The proctoring comes into play when you're taking an *exam*, and I suppose that some employer looking at the certifications, selecting job applicants based on them, deciding about pay raises according to them, etc. is enough of a possibility as to *not* simply throw the process to a low-security approach. Of course, "securing" exams again addresses several, somewhat disparate definitions of "security". As an example, you want to ascertain both that the examinee / certified-professional-to-be is who he claims he is, and that he does not have a committee of experts sitting in the next room in front of a second monitor and holding quickly-scribbled cheat sheets up to some window. The former is currently done by having the examinee wave a gvt. ID in front of the camera, and the proctor trying to tell real video footage from a deepfake with a manipulated ID pasted in - and *could* instead be done by actual *online* mechanisms, like the eID functions in my German ID card. The latter form of cheating, on the other hand, would be rather difficult to detect in any way *other* than by keeping a close eye on the video throughout the exam. (I actually asked whether use of EU's eIDAS or somesuch is in the plans, and was told that RIPE's focus is on offering equal opportunities across its *entire* service area, so no.) Kind regards, -- Jochen Bern Systemingenieur Binect GmbH