Presentation is loading. Please wait.

Presentation is loading. Please wait.

PKI Update December, 2008 Nicholas Davis. Quick Background 2004 UW-Madison purchased co-managed solution from Geotrust Both client certs and SSL certs.

Published byJessie Maxwell Modified over 8 years ago

Similar presentations

Presentation on theme: "PKI Update December, 2008 Nicholas Davis. Quick Background 2004 UW-Madison purchased co-managed solution from Geotrust Both client certs and SSL certs."— Presentation transcript:

1 PKI Update December, 2008 Nicholas Davis

2 Quick Background 2004 UW-Madison purchased co-managed solution from Geotrust Both client certs and SSL certs are purchased from Geotrust Started September, 2004 Centrally funded

3 Current Environment Over 1000 client certs currently in use across campus Used for email signing, document signing and encryption Documents, PDF, Word, multiple email clients We hosted the First Annual Educause PKI Deployment Forum in April, 2008.

4 New Use for Certificates at UW Dual factor authentication to protect sensitive web applications Web Initial Sign-on Client based on Pubcookie Altered to authenticate via digital certificates

5 Where are the Certificates Stored? Etokens, local drives HID Crescendo Cards New UW-Madison ID cards contain: magnetic stripe, bar code, printed number, picture, status (staff/student), 2 RFID cores (Prox and iClass) Subset of cards (250) contain the HID Crescendo chipset

6 UW ID Card Continued Crescendo chipset Raaksign software Windows only software included, Macintosh 3 rd party software available Design story

7 McAfee Safeboot Whole disk encryption being deployed on a volunteer basis Can use certificates in pre- boot authentication HID Crescendo card is supported by McAfee for pre- boot authentication

8 PKI Rollout to UW-System UW System plans to roll digital certificates out across UW statewide system 26 campuses Prime driver is encrypting sensitive email and digital signing of mass email 56,000 person signed email sent this week

9 Issues With Mass Email Too complex for some people to figure out Some people agree to delegate signing authority Is it ideal? No Does it get the job done? Yes

10 Our Guiding Principles Keep it simple Balance ideal security with the needs of our user community Make it usable outside of our campus Coolness factor, can’t be underestimated. The unified card is a big hit!

11 Next Steps Put our PKI contract out for bid Geotrust absorbed by Verisign, True Credentials no longer being actively promoted or developed

12 Questions Questions and comments welcome at this time, EXCEPT for questions from Scott Rea! Nicholas Davis ndavis1@wisc.edu

Download ppt "PKI Update December, 2008 Nicholas Davis. Quick Background 2004 UW-Madison purchased co-managed solution from Geotrust Both client certs and SSL certs."

Similar presentations

1 PKI Buy vs. Build Decision at UW-Madison Presented by Nicholas Davis PKI Project Leader UWMadison, Division of Information Technology.

1 PKI Buy vs. Build Decision at UW-Madison Presented by Nicholas Davis PKI Project Leader UWMadison, Division of Information Technology.
PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Mobile Devices in the DoD

Mobile Devices in the DoD
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Dartmouth PKI Certificate Deployment June 2004 Fed Ed Meeting.

Dartmouth PKI Certificate Deployment June 2004 Fed Ed Meeting.
SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.
PKI Implementation in the Real World

PKI Implementation in the Real World
Data Security The Best Data Security In The Industry.

Data Security The Best Data Security In The Industry.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.

Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.
Submitted by- Mr. Avinash Sadaphule 20 November 2009 Management Trainee, MKCL.

Submitted by- Mr. Avinash Sadaphule 20 November 2009 Management Trainee, MKCL.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DGC Paris 4.03.02 Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.

DGC Paris Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
PKI Past, Present and Future at the UW Nicholas Davis, PKI Project Leader Eighth Annual Educause PKI Summit.

PKI Past, Present and Future at the UW Nicholas Davis, PKI Project Leader Eighth Annual Educause PKI Summit.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Similar presentations

Ads by Google