Presentation is loading. Please wait.

Presentation is loading. Please wait.

Upgrading CP/CPS: RFC 2527 RFC 3647 Majid Arabgol IRAN GRID CA Institute for Studies in Theoretcal Physics and Mathematics Teharn, Iran.

Published byQuentin Lloyd Modified over 9 years ago

Similar presentations

Presentation on theme: "Upgrading CP/CPS: RFC 2527 RFC 3647 Majid Arabgol IRAN GRID CA Institute for Studies in Theoretcal Physics and Mathematics Teharn, Iran."— Presentation transcript:

1 Upgrading CP/CPS: RFC 2527 RFC 3647 Majid Arabgol IRAN GRID CA Institute for Studies in Theoretcal Physics and Mathematics Teharn, Iran.

2 Back ground Iran GRID CA was approved on the basis of CP/CPS: RFC 2527 in May 2008 We promised to change to RFC 3647 as soon as possible.

3 How ??? 1.Choose existing examples ( based on RFC 3647) 2.Export the existing policy and practices into the new template 3.Think about the new/extra stipulations

4 Examples of cp/cps Magrid (Morroco) – Recently accredited PK Grid (Pakistan) – Recently upgraded ( 2527 to 3647) – Similarity with Iran UFF Brazilian CA (Brazil) – Good cross references

5 Combine with the standard template Currently approved cp/cps ( rfc 2527 ) RFC 3647 template http://www.faqs.org /rfcs/rfc3647.html Examples of cp/cps ( rfc 3647) Upgraded cp/cps (rfc 3647)

6 RFC 2527 vs RFC 3647 Improvements : – …In particular, representatives of the ISC made changes to the framework to better suite it to the legal environment and make it more accessible to lawyers (new Section 9) – … From a technical perspective, the changes to the RFC 2527 framework were minimal and incremental, rather than revolutionary.RFC 2527

7 Mapping

8 Exporting the contents of RFC 2527 Identical Improved or incremented Reconfiguration or reorganized New items

9 Examples rfc 2527rfc 3647action.. 1.2 Identification1.2Incremental or improved 4.5.6 Audit Collection System (Internal vs. External) 5.4.6Identical 2.1.3 Subscriber Obligations 4.1.2, 4.4, 4.5, 4.5.1, 4.6.5, 4.7.5, 4.8.1, 4.8.5, 4.9.1, 4.9.2, 4.9.13, 4.9.15, 5., 6., 9.6.3, 9.9 reconfiguration 2.3 Financial Responsibility9.2moved

10 Inverse Mapping

11 Examples New RFC 3647Old RFC 2527.. 1.2 Document Name and Identification 1.2 IdentificationIncremental or improved 5.4.6 Audit collection system (internal vs. external) 4.5.6 Audit Collection System (Internal vs. External) Identical 4.5 Key Pair and Certificate Usage 1.3.4, 2.1.3, 2.1.4Reconfiguration( merge /split /move) 4.9.5 Time Within Which CA Must Process the Revocation Request No Available (N/A)New item

12 Reconfigured

13

14 Incremented

15 Identical

16 Reconfigured

17 New Stipulations 1.3.4Relying PartiesIn Glossary 1.3.5Other ParticipantsNo stipulation 1.6Definitions and AcronymsGlossary 3.1.3Anonymity or Pseudonymity of Subscribers 3.2.4Non-Verified Subscriber Information No stipulation 3.2.6Criteria for InteroperationNo stipulation 4.9.5Time Within Which CA Must Process the Revocation Request 4.11End of Subscription 6.8Time-Stamping 7.3OCSP ProfileNo stipulation 9.4.1Privacy Plan 9.10Term and Termination 9.16.2Assignment

18 New items

19 In a nutshell Currently approved cp/cps ( rfc 2527 ) RFC 3647 to RFC 2527 mapping table Examples of cp/cps ( rfc 3647) Upgraded cp/cps (rfc 3647) RFC 3647 template http://www.faqs.org /rfcs/rfc3647.html

Download ppt "Upgrading CP/CPS: RFC 2527 RFC 3647 Majid Arabgol IRAN GRID CA Institute for Studies in Theoretcal Physics and Mathematics Teharn, Iran."

Similar presentations

RPKI Certificate Policy Status Update Stephen Kent.

RPKI Certificate Policy Status Update Stephen Kent.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
European Interoperability Architecture e-SENS Workshop : Cartography Tool in practise 7-8 January 2015.

European Interoperability Architecture e-SENS Workshop : Cartography Tool in practise 7-8 January 2015.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.

RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.
1 © Cooley Godward 2001 PKI A SSESSMENT The process of evaluating, verifying, and certifying your PKI Presented by: Randy V. Sabett Vanguard Enterprise.

1 © Cooley Godward 2001 PKI A SSESSMENT The process of evaluating, verifying, and certifying your PKI Presented by: Randy V. Sabett Vanguard Enterprise.
1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
David L. Wasley Office of the President University of California A PKI Certificate Policy for Higher Education A Work in Progress Draft 0.010 David L.

David L. Wasley Office of the President University of California A PKI Certificate Policy for Higher Education A Work in Progress Draft David L.
+1 (801) 877-2100 Ultralight OCSP Improving Revocation Checking.

+1 (801) Ultralight OCSP Improving Revocation Checking.
Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?

Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?
Privacy Terminology draft-hansen-privacy-terminology-03.txt Hannes Tschofenig.

Privacy Terminology draft-hansen-privacy-terminology-03.txt Hannes Tschofenig.
Privacy and Security for the HES Gateway Presentation and discussion for SC25 WG1 By: Ludo Bertsch and Tim Schoechle Arlington, USA April 24, 2013 SC25/WG1-N1620.

Privacy and Security for the HES Gateway Presentation and discussion for SC25 WG1 By: Ludo Bertsch and Tim Schoechle Arlington, USA April 24, 2013 SC25/WG1-N1620.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka

National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam 2005-10-17 Milan Sova CESNET.

NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
Requirements Management Plan - Documents

Requirements Management Plan - Documents

Similar presentations

Ads by Google