On live video supported F2F May 9-11, 2016 Abingdon, Oxfordshire, UK.

Slides:

Advertisements

Similar presentations

FATCA Basics for Foreign Account Holders

Advertisements

EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.

Online Substantive Process LINE MANAGERS Self Teach Tutorial April 2008 Version 1.0.

Functional component terminology - thoughts C. Tilton.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

David Groep Nikhef Amsterdam PDP & Grid Evolving Assurance – IGTF LoA generalisation David Groep Interoperable Global Trust Federation IGTF Documents at.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

Results questionnaire e-conveyancing Presentation by mr. Ruben Roes Deputy chief registrar.

In the CA I trust. A look at Certification Authorities James E. Shearer CSEP 590 March 8 th 2006.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Information for students Welcome to the S 3 P system. Login to the system by entering your User ID and password. The User ID is the same as your normal.

National NOW Conference Credentialing Overview Brought to you by the Membership & Field Department at the National Action Center (NAC)

Mail Entry & Payment Technology Agenda  Benefits of IMpb  IMpb Requirements Unique Barcode Shipping Services File (SSF)  Postal Wizard Enhancements.

Social effect: Facebook is a site available to anyone. Many people use it in order to contact friends and relatives from all around the world, and to meet.

Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 20,

SWIS Digital Inspections Project (SWIS DIP) Chris Allen, Information Management Branch California Integrated Waste Management Board November 5, 2008 The.

Extending your student visa. How we are going to help you Talking you through the documents you have to prepare Talking you through the online tools we.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

Using Personal Certificates Jeff D’Angelo Jeremy Hill Network of People, Jan 6, 2005.

IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.

Click your mouse to continue. Ways to Merge Data When you have finished editing your main document and inserting the merge fields, you have several choices.

Identity Management Levels of Assurance WLCG GDB CERN, 8 Apr 2009 David Kelsey STFC/RAL david.kelsey AT stfc.ac.uk.

The CA Distribution Process David Groep, July 2007.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Nov 7 nd, 2008.

March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.

Getting started with myitlab. before you register  A valid address  Course ID from your instructor  Student access code Before you register,

Electronic Submission of Medical Documentation (esMD) Identity Proofing Sub-Workgroup October 31, 2012.

National Center for Supercomputing Applications University of Illinois at Urbana-Champaign NCSA Two Factor CA Jim Basney

Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 6,

Updates from the EUGridPMA David Groep, July 16 st, 2007.

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

User Certificate Application: ASGCCA. Agenda Introduction ASGCCA User Responsibilities Certificate application form RA verify identity of users User generate.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

Profile for Portal-based Credential Services (POCS) Yoshio Tanaka International Grid Trust Federation APGrid PMA AIST.

8-Jul-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) RAL, 8 July 2003 David Kelsey CCLRC/RAL, UK

IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.

Discussions on the Life Ray Portal and credential management David Groep, Oct 11 th, 2011.

Pkiuniversity.com. Alice Bob Honest Abe’s CA Simple PKI hierarchy.

IOTA AP Towards Differentiated Identity Assurance David Groep, Nikhef supported by the Netherlands e-Infrastructure and SURFsara.

Authentication Presenter Meteor Advisory Team Member Version 1.1.

TACAR Updates version David Groep, NIKHEF. 9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Aims  Trusted and.

On the design of a MfAaaS service (Multi-factor-Authentication-as-a-Service)

FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The Latin American Catch-all Grid Certification.

How to apply for a Tier 4 visa Student Immigration Team.

PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias.

Copyright 2013 Exostar LLC.| All Rights Reserved.| Proprietary and Confidential1 Identity Proofing Service United Technologies Corporation September 26.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

FP6−2004−Infrastructures−6-SSA [ Empowering e Science across the Mediterranean ] Rome, Tutorial for Certification Authority Managers,

Summary of Poznan EUGridPMA32 September EUGridPMA Poznan 2014 meeting – 2 David Groep – Welcome back at PSNC.

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures Grant Agreement n

Academia Sinica Grid Computing Certification Authority F2F interview (Malaysia )

Getting Started with. Before you register A valid address Course ID from your instructor Student access code Before you register, be sure you have:

UGRID CA Self-audit report Sergii Stirenko 21 st EUGRIDPMA Meeting Utrecht 24 January 2011.

News from EUGridPMA EGI OMB, 22 Jan 2013 David Kelsey (STFC) Using notes from David Groep 22/01/20131EUGridPMA News.

Mail Merge in Ms-Word 2010 Mail merge is a software function describing the production of multiple (and potentially large numbers of) documents from a.

IGTF Generalised Assurance comments by federation operators with a SAML background September 19-21, 2016 CERN, Geneva, CH.

I-9 Instructions and FAQs

EUGridPMA Status and Current Trends and some IGTF topics March 2016 Miami, FL, USA David Groep, Nikhef & EUGridPMA.

QUESTRA HOLDINGS ACCOUNT REGISTRATION

Extending host credential validity in presence of DCV & OV controls October 2016 TAGPMA24 meeting David Groep, Nikhef & EUGridPMA.

Classic X.509 AP updates (v4.1)

Virtual Face to Face Meetings for ID-check

TCEQ Migration to EPA’s National NetDMR

Digital Signature Certificate Provider Digital Signature Certificate Provider.

IBM Embedded Solution Agreement (ESA)

Supporting communities with harmonized policy

Combined Assurance Model

Presentation transcript:

On live video supported F2F May 9-11, 2016 Abingdon, Oxfordshire, UK

37 th EUGridPMA Abingdon – May David Groep – For the BIRCH and CEDAR Assurance [Vetting] should be based on a face-to-face meeting and should be confirmed via photo-identification and/or similar valid official documents. Identity vetting and validation should be based on  an in-person appearance before a trusted agent of the authority with presentation of a reliable photo-ID and/or valid official documents; or  be validated using notary-public attestations and/or official government data sources and supported by remote live video conversation; or  be performed according to Kantara LoA 2 or better.

37 th EUGridPMA Abingdon – May David Groep – Some current methods Most CAs support explicit F2F only  But may be designating RAs in many different ways Video-supported  Notary-public via postal mail + video: BR, TR  Government records: some TCS subscribers (universities with access to these databases) Kantara LoA 2  Some TCS countries (SE) for some of their applicants

37 th EUGridPMA Abingdon – May David Groep – On the notary public & govt. databases  In many countries, notaries are rather exclusive, and rather expensive to attest to documents (think ~€25 + half a day & travel for the appointment)  Access to databases to rather complex for most orgs  So e.g. HPCI and others are looking for alternatives By ‘chance’, I was exposed to another, quite interesting and rigorous process – which was easier – if you’re allowed to keep photographs … … and which some CAs (specifically HPCI, but I expect many others) would seriously want to consider!

37 th EUGridPMA Abingdon – May David Groep – Challenge-response live video 1.Send a registration form that can mostly be filled beforehand to the address of record 2.Start a video-conf (even just HD skype), and have the applicant write down some unique information on the form and sign it visibly during the chat. 3.Ask applicant to scan this form, and mail it to the RA 4.Have the applicant hold up the same form, a govt photoID, next to the face, and (I assume) have the RA take a screenshot for record 5.The RA can check if the form is correct, and – with the nonce – if it’s the same person (the video is ongoing) 6.The RA has validated the data, photoID, and a ‘video nonce’, and has the screenshot as proof

37 th EUGridPMA Abingdon – May David Groep – Open questions  The applicant needs a scanner & printer nearby – does that help for most applicants?  Is this an alternative acceptable process?  Is keeping the photograph a critical element?  If so: how can we document it in a way that is verifiable?