Presentation is loading. Please wait.

Presentation is loading. Please wait.

APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team Pacific Rim Application and Grid Middleware Assembly

Published byGladys Morris Modified over 8 years ago

Similar presentations

Presentation on theme: "APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team Pacific Rim Application and Grid Middleware Assembly"— Presentation transcript:

1 APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team http://www.pragma-grid.net/ca Pacific Rim Application and Grid Middleware Assembly http://www.pragma-grid.net http://goc.pragma-grid.net PRAGMA-UCSD CA Status Update

2 APGrid PMA face-to-face meeting, 9/16/2008 Overview Since The Last APGrid Meeting Certificates Issued Operations Changes

3 APGrid PMA face-to-face meeting, 9/16/2008 Since The Last APGrid Meeting 4/7/08 - Accredited in APGrid Taipei meeting 4/20/08 - Yoshio informed us a resolution in APGrid Taipei meeting about best practice pertaining Issuer and Subject names 4/24/08~6/24/08 – Worked with NAREGI-CA team for a new version of CA software and setup new CA with “Issuer: DC=NET, DC=PRAGMA-GRID, CN=PRAGMA-UCSD CA” 6/25/08~6/26/08 - Updated CP/CPS, user guides and internal documentations to reflect the change in Issuer and Subject name –http://goc.pragma-grid.net/ca/ca-certs/http://goc.pragma-grid.net/ca/ca-certs/ –http://goc.pragma-grid.net/ca/cp-cps/http://goc.pragma-grid.net/ca/cp-cps/ –goc.pragma-grid.net/ca/internal/PRAGMA-UCSD-CA-operation.doc (require login) –http://goc.pragma-grid.net/secure/pragma-ucsd-ca-client.tar.gzhttp://goc.pragma-grid.net/secure/pragma-ucsd-ca-client.tar.gz –https://goc.pragma-grid.net/secure/pragma-ucsd-ca-client-user- guide.dochttps://goc.pragma-grid.net/secure/pragma-ucsd-ca-client-user- guide.doc 6/27/08 – Start operation 7/28/08 – Included in IGTF distribution 1.23

4 APGrid PMA face-to-face meeting, 9/16/2008 Certificates Issued 10 host certificates are issued for PRAGMA grid servers and clusters at SDSC No user certificate have been issued so far All 6 certificates (3 hosts and 3 users) used for testing during PRAGMA-UCSD CA server setup have been revoked

5 APGrid PMA face-to-face meeting, 9/16/2008 Operations CRL updates have been done every 3 weeks –One failure of retrieval due to the web server 1 day outage Backup has been performed according to CP/CPS and operation manual User/host certificate requests and issuances have been done following the procedures and rules set in CP/CPS

6 APGrid PMA face-to-face meeting, 9/16/2008 No Change In Personnel CA – Cindy Zheng, Mason Katz (UCSD) RA – Mason Katz, Anoop Rajendra (UCSD) PMA – Yoshio Tanaka (AIST) Security Officer – Phil Papadopoulos (UCSD) pragma-ucsd-ca@sdsc.edu reaches no more and no less than these 5 peoplepragma-ucsd-ca@sdsc.edu

7 APGrid PMA face-to-face meeting, 9/16/2008 No Change In Equipment CA server is dedicated and off-line RA server is dedicated and on-line CA software is naregi-wp5-nas-070112

8 APGrid PMA face-to-face meeting, 9/16/2008 One Change In Physical Security

9 APGrid PMA face-to-face meeting, 9/16/2008 No Change In CA Key and Passphrase CA key length 2048 bits (6.1.5) CP-CPS 6.4 describes CA key protection –Pass phrase >= 15 characters. –Only known by CA and RA. –In 2 sealed envelopes in 2 separate locked drawers in Cindy (CA) and Mason (RA)’s office. Only Cindy and Mason have the keys to the drawers. –The sealed envelops are kept separated from the backed up private key.

10 APGrid PMA face-to-face meeting, 9/16/2008 No Change In Private Key Backup On offline media – USB drives Kept in a locked cabinet Only Anoop (RA) has the key

11 APGrid PMA face-to-face meeting, 9/16/2008 No Change In Web Repository Policies Public accessible http://goc.pragma-grid.net/ca http://goc.pragma-grid.net/ca –CA root certificates –Certificates issued –CRL –CP/CPS –Contact info Grant APGrid PMA and IGTF unlimited re- distribution Internal only –Operation manuals –Canned emails –Forms –Check list –CA profiles Only CA staff and auditors allowed access

12 APGrid PMA face-to-face meeting, 9/16/2008 Special Thanks to Naregi-CA developer, Takuto Okuno For upgrade Naregi-CA software which enabled us to implement the best practice set by APGrid PMA

Download ppt "APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team Pacific Rim Application and Grid Middleware Assembly"

Similar presentations

Resource/data WG Summary Yoshio Tanaka Mason Katz.

Resource/data WG Summary Yoshio Tanaka Mason Katz.
Resource WG Summary Mason Katz, Yoshio Tanaka. Next generation resources on PRAGMA Status – Next generation resource (VM-based) in PRAGMA by UCSD (proof.

Resource WG Summary Mason Katz, Yoshio Tanaka. Next generation resources on PRAGMA Status – Next generation resource (VM-based) in PRAGMA by UCSD (proof.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.

Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Jinny Chien.

Academia Sinica Grid Computing Certification Authority (ASGCCA) Jinny Chien.
1 ASGCCA Self-Audit Report APGridPMA Jinny Chien March 08 2008.

1 ASGCCA Self-Audit Report APGridPMA Jinny Chien March
CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.

CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp://www.apgridpma.org/meetings/index.html Call for note takers!

4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka

National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
Computing Research Center, High Energy Accelerator Organization (KEK) KEK Grid CA Go Iwai The 2 nd APGrid PMA Meeting at Osaka Univ.

Computing Research Center, High Energy Accelerator Organization (KEK) KEK Grid CA Go Iwai The 2 nd APGrid PMA Meeting at Osaka Univ.
NECTEC-GOC CA APGrid PMA face-to-face meeting. October, 15 2006 Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.

NECTEC-GOC CA APGrid PMA face-to-face meeting. October, Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.
Updates of APGrid PMA 22 June, 2010. Members (15 + 1) 15 Accredited CAs AIST (JP) APAC (AU) ASGC (TW) CNIC (CN), SDG IGCA (IN) IHEP (CN) KEK (JP) KISTI.

Updates of APGrid PMA 22 June, Members (15 + 1) 15 Accredited CAs AIST (JP) APAC (AU) ASGC (TW) CNIC (CN), SDG IGCA (IN) IHEP (CN) KEK (JP) KISTI.
Resource WG PRAGMA 18 Mason Katz, Yoshio Tanaka.

Resource WG PRAGMA 18 Mason Katz, Yoshio Tanaka.
National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.

National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.
NAREGI CA Updates Kento Aida NAREGI CA/NII Kento Aida, National Institute of Informatics APGrid PMA meeting 04/20/2008.

NAREGI CA Updates Kento Aida NAREGI CA/NII Kento Aida, National Institute of Informatics APGrid PMA meeting 04/20/2008.
DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.

DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.
APGrid PMA face-to-face meeting, 4/8/2008 Cindy Zheng PRAGMA Grid Coordinator Pacific Rim Application and Grid Middleware Assembly

APGrid PMA face-to-face meeting, 4/8/2008 Cindy Zheng PRAGMA Grid Coordinator Pacific Rim Application and Grid Middleware Assembly
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.

March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
National Institute of Advanced Industrial Science and Technology Brief status report of AIST GRID CA APGridPMA Singapore September 16 Yoshio.

National Institute of Advanced Industrial Science and Technology Brief status report of AIST GRID CA APGridPMA Singapore September 16 Yoshio.

Similar presentations

Ads by Google