TACAR Updates version 1.4.3 David Groep, NIKHEF. 9 th EUGridPMA ‘RAL’ meeting – Jan 2007 - 2 David Groep – TACAR Aims  Trusted and.

Slides:



Advertisements
Similar presentations
Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
Advertisements

RPKI Certificate Policy Status Update Stephen Kent.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Apr 20 th, 2009.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.
Authentication Policy David Kelsey CCLRC/RAL 15 April 2004, Dublin
CVE , lessons learned and actions David Groep, Nov 7 nd, 2008.
The EU Grid PMA David Kelsey CCLRC/RAL 16 April 2004, Dublin
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.
Updates from the EUGridPMA David Groep, Oct 11 th, 2011.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
Computer Science Public Key Management Lecture 5.
Community Services WI TF-EMC2 VC Meeting 29 June, 2011 Licia Florio
NENA Development Conference | October 2014 | Orlando, Florida Security Certificates Between i3 ESInet’s and FE’s Nate Wilcox Emergicom, LLC Brian Rosen.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
The CA Distribution Process David Groep, July 2007.
TERENA Updates TF-EMC2 Meeting Bologna 7-8 Nov 2011 Licia Florio
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Nov 7 nd, 2008.
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
Revocation in MICS §4.4 May 11-13, 2009 Zürich, Switzerland.
TERENA TF-EMC2 Workshop David Groep,
Updates from the EUGridPMA David Groep, July 16 st, 2007.
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.
© 2003 The MITRE Corporation. All rights reserved For Internal MITRE Use Addressing ISO-RTO e-MARC Concerns: Clarifications and Ramifications Response.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
ESnet RAF and eduroam ™ Tony J. Genovese ATF Team ESnet/Lawrence Berkeley National Laboratory.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
Summary of AAAA Information David Kelsey Infrastructure Policy Group, Singapore, 15 Sep 2008.
Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.
Distribution Repository Structure David Groep,
David Groep Nikhef Amsterdam PDP & Grid Some Comments on “Problem description for non-proliferation issues in Grids” Joint Security Policy Group 7 December.
Discussions on the Life Ray Portal and credential management David Groep, Oct 11 th, 2011.
EGI-InSPIRE RI EGI.eu European Grid Infrastructure EGI-InSPIRE RI Credential Validation Middleware Requests compiling.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
IOTA AP Towards Differentiated Identity Assurance David Groep, Nikhef supported by the Netherlands e-Infrastructure and SURFsara.
Updates from the EUGridPMA David Groep, May 9 st, 2007.
Updates from the European Side of the Pond David Groep, November 2006.
NECTEC-GOC CA The 3 rd APGrid PMA face-to-face meeting. June, Suriya U-ruekolan National Electronics and Computer Technology Center, Thailand.
Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL
Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA
EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.
WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.
The NGS Support Centre Katie Weeks. NGS Support Centre SLD Many areas to NGS Support Centre –SLD defines supported areas including: Certification Authority.
8-Mar-01D.P.Kelsey, Certificates, WP6, Amsterdam1 WP6: Certificates for DataGrid Testbeds David Kelsey CLRC/RAL, UK
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
The Glasgow Experience: From DAEDALUS to Enlighten William J Nixon and Morag Greig Glasgow University Library IUA Librarians Group, 20 th February 2007.
CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.
NIIF CA Status Update and Self-Audit Results 15 th EUGridPMA meeting Nicosia Tamás Máray NIIF Institute.
Gilda certificates. Certification Authority
TR-GRID CA Self-Auditing Results and Status Update EUGridPMA Meeting September 12-14, 2011 Marrakesh Feyza Eryol, Onur Temizsoylu TUBITAK-ULAKBIM
FP6−2004−Infrastructures−6-SSA [ Empowering e Science across the Mediterranean ] Rome, Tutorial for Certification Authority Managers,
Summary of Poznan EUGridPMA32 September EUGridPMA Poznan 2014 meeting – 2 David Groep – Welcome back at PSNC.
EGI-InSPIRE RI EGI (IGTF Liaison Function) EGI-InSPIRE RI IGTF & EUGridPMA status update SHA-2 – and more (David Groep,
QuoVadis Group Roman Brunner, Group CEO Update for EUGridPMA – May 12, 2009.
News from EUGridPMA EGI OMB, 22 Jan 2013 David Kelsey (STFC) Using notes from David Groep 22/01/20131EUGridPMA News.
Updates from the EUGridPMA David Groep, Oct 17 st, 2007.
Tender Briefing Session COR34/2016
Classic X.509 AP updates (v4.1)
LTEP Application Seminar
The IGTF Charter Name uniqueness throughout the IGTF is anchored in the Charter Current Charter assigns a namespace to an Authority, implying that the.
Certificates An increasingly popular form of authentication
Presentation transcript:

TACAR Updates version David Groep, NIKHEF

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Aims  Trusted and Centralized place for obtaining CA root certificates  for download by users for use in browsers, mailers &c  for validation of roots obtained by other means  Not meant for policy validation  no minimum policy or technical requirements to get in  but CAs can be grouped (i.e. by IGTF AuthN Profile)  Focus on validation of the organisation that submits the root certificate(s)

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Repository Function

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR immediate role for the IGTF  Authentic source of the trust anchors that go into the other distribution formats  helps those constructing the distribution …  Independent check for IGTF re-distributors  although still not all CAs are in TACAR …

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – Getting into it  Has been perceived “too slow”, or “impractical”  previously, a F2F meeting with a TERENA Officer (Licia) was required  is about to change … see next slides  has been perceived as “difficult”, or “too much work”  there is indeed paperwork to be done  that brings added value as an independent validation point  New policy to address some of these concerns

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – Paperwork required  Prepare a CD-ROM with  your root certificate  CP and/or CPS documents (PDF format)  Copy of Registration Letter  list of the root certificates and meta-data  name &c of the CA organisation  name of the CA representative  Copy of Accreditation Letter  list of administrators and managers allowed to make updates to TACAR for that CA  A Direct Responsible Person as an ultimate SoA  Paper versions of the Registration and Accreditation Letter  If you want to update this data electronically  PGP keys, cross signed with the TACAR representative  PGP signed versions of all of the above

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – New in v1.4.3: Trusted Introducers  Formerly all this had to be done with a TERENA Officer  Now, you can do it with a Trusted Introducer as well  appointed by the TACAR Community  one per CA coordinating body/organisation  that regularly meets CA representatives  TI then has to do all the work with Licia afterwards

9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – Implementation  Policy v1.4.3 has been discussed extensively  Latest draft 22 Nov 2006  No comments received on TF-EMC2 after that  with EUGridPMA acceptance, majority of TACAR Community will have agreed  Will hopefully get everyone into TACAR this time …

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.