Behind the scenes at the FIRST-tech team

Tuesday, 11th of Nov 2017

FIRST has been historically using a Certificate Authority (CA) to issue SSL client certificates to its members for accessing our services. This CA was quite old and always operated via manual intervention (logging into the CA, issuing certificates, etc). Thanks to our technical support team, this core part of FIRSTs' infrastructure was replaced by a more modern CA .

Now why is that so important?

First of all, you might have heard at one of the last two Annual General Meetings, that FIRST is moving towards an Association Management System (AMS). This will keep the members records in a central place and be the de-facto new members database. Connected to this database, we are establishing interfaces which allow Single Sign On (SSO) possibilities for all our services. Hence, the new CA as well as LDAP will be essential components for this interface.

The goal will be to expand FIRSTs services to its members while keeping a uniform strong authentication via TLS/SSL client certificates in place. The result will be a trusted platform for FIRST members to interact in a secure way via a multitude of services (MISP, chat, Wikis, etc).

You can find more information on how to import the new certificates into your browser in this guide.

Stay tuned for more services.

~~ Aaron Kaplan kaplan@cert.at