DigiNews

Tech Watch by Johan Denoyer

1000 third parties could have stolen RIPE NCC session tokens - by design

Quality: 8/10 Relevance: 9/10

Summary

This post analyzes a vulnerability in which RIPE NCC's SSO token (crowd.token_key) was scoped to all .ripe.net hosts, so a captured token could potentially give full access to RIPE services. It discusses attack scenarios involving the RIPE Meeting network and Atlas anchors, compares token theft to CSRF, explains why DNS CAA fixes were necessary, and outlines recommended mitigations for reducing trust scope and strengthening authentication.
