On 3 Sep 2019, at 11:38, Robert Kisteleki wrote:
On 2019-09-03 11:17, Shane Kerr wrote:
…
Sorry for asking this question so late in this thread, but what
exactly
are the certificates used for?
The anchors provide very basic services intended to help users who
want
to use the anchors as measurement targets. They answer incoming ping,
DNS and HTTP(S) queries (see https://atlas.ripe.net/docs/anchors/).
The
HTTP(S) service can respond with pages of various sizes which is
intended to help PMTUD tests for example.
It's possible that someone would want to check the TLS certificate of
the measured anchor, in which case a "proper" certificate may come
handy.
Regards,
Robert
Going back to Jóhann, who brought this up:
“Using a self signed certificate in today's age act's as an indicator
that the security on the device or server in use might be in question
… and thus can negatively impact the anchor hosting provider security
grade, which may lead to anchors having to be removed from data centers
to prevent them from negatively affect corporation's security
ratings.”
So we have devices that expose the https port and respond with a self
signed cert. Any security audit will flag that. Rather than explain to
the auditors that there is no ‘real’ http service here, it is a
measurement device, … Jóhann suggests to put an acceptably signed
cert there. To me this sounds like a no-brainer to make life easier for
anchor hosts and not an ideological issue about which CA to use or about
other methods of securing https. So can we deploy certs that will
satisfy the security audit and get on with life?
Daniel
