Re: [ripe-list] RIPE NCC PGP-Key expired
Dominic, Dominic Schallert:
we noticed that the PGP-Key for ncc@ripe.net <mailto:ncc@ripe.net> (Key ID: C6839AEF) has expired on the 2nd of February 2018. As of writing, no new public keys have been published over at https://www.ripe.net/manage-ips-and-asns/contact/ripe-ncc-pgp-keys
Looking ahead to the rollout of the EU GDPR in May 2018, it might be beneficial to allow for PGP-encrypted communication between LIRs and RIPE NCC, besides the existing PGP-based database authentication mechanism.
Thanks for noticing this and bringing it up. One might say that since you are the first to notice and report this, almost a month after it expired, perhaps we should abandon PGP as a communication mechanism? Maybe we should ask the RIPE NCC to provide a more modern secure channel to communicate with them, such as Signal or some other open source encryption technology? Cheers, -- Shane
Hi Shane, all! shane@time-travellers.org:
... perhaps we should abandon PGP as a communication mechanism? Maybe we should ask the RIPE NCC to provide a more modern secure channel to communicate with them, such as Signal or some other open source encryption technology?
If there are better alternatives, go for them! Just please make sure that a proper evaluation is performed, with a decent requirements process, where the community is allowed to get involved (so we don't have a repeat of the ZenDesk "skirmish"). NCC Services WG, here we come! :-) Cheers, /Liman #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: liman@netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #----------------------------------------------------------------------
Good morning, Shane, all — On 1 Mar 2018, at 21:48, Shane Kerr <shane@time-travellers.org> wrote:
One might say that since you are the first to notice and report this, almost a month after it expired, perhaps we should abandon PGP as a communication mechanism?
One might say that since Dominic was the first to notice, almost a month after it expired, perhaps we already HAVE. Best wishes Andy
Hello all, we. LIR de.government, had already a discussion about secure and encrypted communication with RIPE NCC. I would propose not to limit the secure channels to RIPE NCC, but to support them all. In case of E-Mail PGP / GPG and S/MIME. Encrypted (bidirectional) e-mail should be the default like it is for most of the websites with SSL. Second question is then how 3rd party data is secured while it is processed by RIPE NCC? A transparent data protection concept of RIPE NCC could support trust. Perhaps it needs a person exclusively responsible for these issues at RIPE NCC? Best regards / Mit freundlichen Grüßen Tahar Schaa Management Consultant Cassini Consulting GmbH Bennigsen-Platz 1 40474 Düsseldorf T +49 (0) 151 11 44 38 75 F +49 (0) 211 65 85 41 34 mail tahar.schaa@cassini.de visit www.cassini.de Think green - keep it on the screen! Cassini Consulting GmbH | Bennigsen-Platz 1 | 40474 Düsseldorf Geschäftsführer: Sven Wiedenhöfer | Michael Schmitz Sitz der Gesellschaft: Düsseldorf | Registergericht Düsseldorf HRB 53235 Guiding ahead - Cassini ist Management- und Technologieberatung -----Ursprüngliche Nachricht----- Von: ripe-list [mailto:ripe-list-bounces@ripe.net] Im Auftrag von Andy Davidson Gesendet: Freitag, 2. März 2018 08:53 An: Shane Kerr <shane@time-travellers.org> Cc: ripe-list@ripe.net Betreff: Re: [ripe-list] RIPE NCC PGP-Key expired Good morning, Shane, all — On 1 Mar 2018, at 21:48, Shane Kerr <shane@time-travellers.org> wrote:
One might say that since you are the first to notice and report this, almost a month after it expired, perhaps we should abandon PGP as a communication mechanism?
One might say that since Dominic was the first to notice, almost a month after it expired, perhaps we already HAVE. Best wishes Andy
Den 02-03-2018 kl. 08:53 skrev Andy Davidson:
One might say that since you are the first to notice and report this, almost a month after it expired, perhaps we should abandon PGP as a communication mechanism?
One might say that since Dominic was the first to notice, almost a month after it expired, perhaps we already HAVE.
If searching around with encrypted.google.com points in the correct direction. It sort of looks like doing PGP encryption if in-/outgoing emails in ZenDesk is possible. ? ... Rather. Some wished ZenDesk had support for PGP encrypted emails years ago. https://support.zendesk.com/hc/en-us/community/posts/204118136-SMIME-and-gpg... Christoffer D.H.
participants (5)
-
Andy Davidson -
Christoffer Dam Hansen -
Lars-Johan Liman -
Schaa, Tahar -
Shane Kerr