Presentation is loading. Please wait.

Presentation is loading. Please wait.

KISTI CA Report Status & Self-Audit

Published byありかつ いさやま Modified over 4 years ago

Similar presentations

Presentation on theme: "KISTI CA Report Status & Self-Audit"— Presentation transcript:

1 KISTI CA Report Status & Self-Audit
For KISTI Certification Authority

2 KISTI CA Overview Subject: C=KR, O=KISTI, CN=KISTI Certification Authority Valid from Apr 14, 2017 until Apr 9, 2037 (20 years) Signature algorithm: SHA-256 (CA Key size: 4096 bits) Online repository: Deployed upon IPv6: Contact:

3 Operation status Subscribers Certificates
Total number of subscribers: 342 Total number of institutes: 50 Certificates Total number of certificates: 62 Total number of issued certificates: 54 (user:29, host:25) Total number of revoked certificates: 8 (user:5, host:3) New in 2018: 1 user, 2 hosts

4 Self-Audit overview Auditing References
IGTF CAs auditing Checklist version 1 : CA – 55, RA – 12 IGTF PKI Technology Guidelines Version Assurance Assessment-v Overall Scoring: CA – A(51), D(4) / RA – A(12) D (must change) : CA (16, 43, 45, 47) Logs and archive of them in issuing system are configured by default to be kept for one month; the system must be re-configured to keep all logs and their archives Self-Audit should be performed at least once a year

5 D (must chaNge) - CA (16, 43, 45, 47) (16) The CA must record and archive all requests for certificates, along with the issued certificates, all the requests for revocation, all the issued CRLs and the login, logout, start-up, and shutdown of the issuing system (43) The CA must record and archive all requests for certificates, along with all the issued certificates, all the requests for revocation, all the issued CRLs and the login, logout, start-up, and shutdown of the issuing system (45) The Issuing Authority (IA) must keep these records for at least three years (47) ASPEN, BIRCH, CEDAR: The Issuing Authority (IA) should perform internal operational audits of the Issuing Authority (IA)/RA staff and any underlying systems at least once per year to verify its compliance with the rules and procedures specified in its policies and practices documents

6 Actions required Issuing Machine Internal operational audits
System logs in the issuing system are rotated weekly and only 4 weeks of backlogs are kept Rotating frequency is changed from weekly to yearly and the number of rotating has been increased up to 20 times, in principle the logs and their archives will be kept at least 20 years from now on Internal operational audits Perform self-audit and report the result at least once per year

Download ppt "KISTI CA Report Status & Self-Audit"

Similar presentations

APGrid PMA Face-to-Face Meeting NCHC CA Weicheng Huang National Center for High-performance Computing April 8, 2008.

APGrid PMA Face-to-Face Meeting NCHC CA Weicheng Huang National Center for High-performance Computing April 8, 2008.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.

Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.
1 ASGCCA Self-Audit Report APGridPMA Jinny Chien March 08 2008.

1 ASGCCA Self-Audit Report APGridPMA Jinny Chien March
CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.

CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.
SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.

SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka

National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.

9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
NECTEC-GOC CA APGrid PMA face-to-face meeting. October, 15 2006 Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.

NECTEC-GOC CA APGrid PMA face-to-face meeting. October, Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.
National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.

National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.
+1 (801) 877-2100 Standards for Registration Practices Statements IGTF Considerations.

+1 (801) Standards for Registration Practices Statements IGTF Considerations.
DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.

DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.

March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
National Institute of Advanced Industrial Science and Technology Brief status report of AIST GRID CA APGridPMA Singapore September 16 Yoshio.

National Institute of Advanced Industrial Science and Technology Brief status report of AIST GRID CA APGridPMA Singapore September 16 Yoshio.
NECTEC-GOC CA Self Audit 7 th APGrid PMA Face-to-Face meeting March 8 th, 2010 Large-Scale Simulation Research Laboratory Sornthep Vannarat Large-Scale.

NECTEC-GOC CA Self Audit 7 th APGrid PMA Face-to-Face meeting March 8 th, 2010 Large-Scale Simulation Research Laboratory Sornthep Vannarat Large-Scale.
IHEP Grid CA Status Report Gongxing Sun F2F Meeting 20 Apr. 2009 Computing Centre, IHEP,CAS,China.

IHEP Grid CA Status Report Gongxing Sun F2F Meeting 20 Apr Computing Centre, IHEP,CAS,China.

Similar presentations

Ads by Google