International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May 9 2007 CAOPS-WG session #2.

Slides:



Advertisements
Similar presentations
PRAGMA – TeraGrid – AIST Interoperation Testing Philip Papadopoulos.
Advertisements

Resource WG Breakout. Agenda How we will support/develop data grid testbed and possible applications (1 st day) –Introduction of Gfarm (Osamu) –Introduction.
National Institute of Advanced Industrial Science and Technology Asia Pacific Grid PMA Yoshio Tanaka APGrid PMA, Chair Grid Technology Research Center,
PRAGMA 17 (10/29/2009) Resources Group Pacific Rim Application and Grid Middleware Assembly Resources.
Reports from Resource Breakout PRAGMA 16 KISTI, Korea.
Resources WG Update PRAGMA 10. Interoperability PRAGMA TG (ANL) Moving onto EGEE GGF GIN group Trust Enabled by APGrid PMA.
Steering Committee Meeting Summary PRAGMA 18 4 March 2010.
The Future of PRAGMA Challenges for the Working Groups, PRAGMA Members, and the PRAGMA Community Active Participation.
PRAGMA 15 (10/24/2008) Resources Group Pacific Rim Application and Grid Middleware Assembly Resources.
Cindy Zheng, PRAGMA 8, Singapore, 5/3-4/2005 Status of PRAGMA Grid Testbed & Routine-basis Experiments Cindy Zheng Pacific Rim Application and Grid Middleware.
Demonstrations at PRAGMA demos are nominated by WG chairs Did not call for demos. We will select the best demo(s) Criteria is under discussion. Notes.
Resource/data WG Summary Yoshio Tanaka Mason Katz.
2 nd APGrid PMA F2F Meeting Osaka University Convention Center October 15 09: :20 # Participants: 26.
Resource WG Report. Projects Applications EOL Ninf-G Climate model GridBlast GOC Gangla / SCMSWeb => Uniform Database Goodness Status map (e.g. IVDGL)
Cindy Zheng, SC2006, 11/12/2006 Cindy Zheng PRAGMA Grid Testbed Coordinator P acific R im A pplication and G rid M iddleware A ssembly San Diego Supercomputer.
Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
Updates of the APGrid PMA Catania March 3, 2009 Yoshio Tanaka APGridPMA Chair, AIST, Japan.
Status of Auditing Guidelines Document Oct. 15 Yoshio Tanaka, AIST.
© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.
Grid Computing in Higher Education (Scott Rea) EDUCAUSE PKI Deployment Forum Madison, WI - April 15, 2008.
Higher Education Bridge CA (HEBCA) – What’s Relevant, What’s Next? (Scott Rea) Fed/Ed December 2006.
National Institute of Advanced Industrial Science and Technology Proposals for auditing Yoshio Tanaka Grid Technology Research.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
Higher Education PKIs (Scott Rea) Boulder CO November 15, 2007.
National Institute of Advanced Industrial Science and Technology Status and plans of the APGrid PMA Yoshio Tanaka Grid Technology.
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
2 nd APGrid PMA F2F Meeting Osaka University Convention Center October 15 Wireless LAN SSID: PRAGMA11 Wep key: PRAGMA11JAPAN.
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
Updates of APGrid PMA 22 June, Members (15 + 1) 15 Accredited CAs AIST (JP) APAC (AU) ASGC (TW) CNIC (CN), SDG IGCA (IN) IHEP (CN) KEK (JP) KISTI.
National Institute of Advanced Industrial Science and Technology Updates of the APGrid PMA Yoshio Tanaka Grid Technology Research.
National Institute of Advanced Industrial Science and Technology Recent activities on building a production Grid in the Asia Pacific Region - PRAGMA routine-basis.
APGrid PMA face-to-face meeting, 4/8/2008 Cindy Zheng PRAGMA Grid Coordinator Pacific Rim Application and Grid Middleware Assembly
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
PRAGMA 17 – PRAGMA 18 Resources Group. PRAGMA Grid 28 institutions in 17 countries/regions, 22 compute sites (+ 7 site in preparation) UZH Switzerland.
National Institute of Advanced Industrial Science and Technology Updates of the APGrid PMA Yoshio Tanaka APGrid PMA, Chair Grid Technology Research Center,
Updates from the EUGridPMA David Groep, July 16 st, 2007.
Profile for Portal-based Credential Services (POCS) Yoshio Tanaka International Grid Trust Federation APGrid PMA AIST.
KISTI Grid CA Status Report Korea Institute of Science and Technology Information Sangwan Kim Jae-Hyuck Kwan
Sam Morrison APAC CA – APGridPMA - ISGC2010 APAC CA Self Audit and status update Sam Morrison ARCS.
HEPSYSMAN UCL, 26 Nov 2002Jens G Jensen, CLRC/RAL UK e-Science Certification Authority Status and Deployment.
TAGPMA & the Bridge WG (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Activities and Applications Update - Chicago, IL.
Resources Working Group Update Cindy Zheng (SDSC) Yoshio Tanaka (AIST) Phil Papadopoulos (SDSC)
Pacific Rim Application and Grid Middleware Assembly: PRAGMA A community building collaborations and advancing grid-based applications Peter Arzberger,
National Institute of Advanced Industrial Science and Technology Some topics from the OGF20 and the EUGrid PMA F2F Meeting Yoshio Tanaka Grid Technology.
SC2008 (11/19/2008) Resources Group Pacific Rim Application and Grid Middleware Assembly Reports.
International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2.
Kento Aida, Tokyo Institute of Technology Grid Working Group Aug. 29 th, 2003 Tokyo Institute of Technology Kento Aida.
National Institute of Advanced Industrial Science and Technology Updates of the APGrid PMA Yoshio Tanaka APGrid PMA, Chair Grid Technology Research Center,
Updates from the EUGridPMA David Groep, May 9 st, 2007.
National Institute of Advanced Industrial Science and Technology GGF12 Workshop on Operational Security for the Grid Cross-site authentication and access.
NECTEC-GOC CA The 3 rd APGrid PMA face-to-face meeting. June, Suriya U-ruekolan National Electronics and Computer Technology Center, Thailand.
Opening Remarks and Updates of the APGrid PMA 5 th APGridPMA September 16, 2008 Yoshio Tanaka APGridPMA Chair, AIST, Japan.
APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team Pacific Rim Application and Grid Middleware Assembly
0 NAREGI CA Status Report APGrid F2F meeting in Singapore June 4, 2007 Rumiko Masuko.
Update of APGridPMA APGridPMA Meeting Academia Sinica, Taiwan 22 March,
APGridPMA Update Eric Yen APGridPMA August, 2014.
Summary of Poznan EUGridPMA32 September EUGridPMA Poznan 2014 meeting – 2 David Groep – Welcome back at PSNC.
18 th EUGridPMA, Dublin / SRCE CA Self Audit SRCE CA Self Audit Emir Imamagić SRCE Croatia.
Update of APGridPMA Eric Yen 25 th EUGridPMA & IGTF All Hands Meeting KIT, Germany 7 May, 2012.
APGridPMA Update Eric Yen 35 th Amsterdam, NL September 7, 2015.
Updates of APGrid PMA 18 th EUGridPMA Meeting 18 th EUGridPMA Meeting 18 January, 2010 Eric Yen ASGCCA Taiwan.
International Grid Trust Federation Session GGF 19 Chapel Hill, NC, USA Thursday, Feb CAOPS-WG session #1.
Classic X.509 AP updates (v4.1)
Updates of the APGrid PMA
Grids & PKI: TAGPMA & Bridges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.
Guidelines for auditing Grid CAs
US Higher Education PKI (Scott Rea) February 2007
Higher Education Bridge CA (HEBCA) – What’s Relevant, What’s Next
The IGTF Charter Name uniqueness throughout the IGTF is anchored in the Charter Current Charter assigns a namespace to an Authority, implying that the.
EUGridPMA 41 and IGTF All-Hands Meeting
Presentation transcript:

International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2

Agenda Updates from regional PMAs (15) –APGrid PMA (Yoshio) –EUGrid PMA (David) –TAGPMA (Darcy) Problems in compliance with the new Authentication Profile (20) Authentication Profiles (20) –Member Integrated Credential Services AP (Darcy?) –Portal-based Credential Services AP (Yoshio) Hardware Tokens (20) –Robots (Jens)

Updates of the APGrid PMA OGF20 IGTF Yoshio Tanaka

Updates Audited KEK Grid CA Date: April 13 th Used the new auditing document Found the following five major problems (but easy to solve). In some end entity certificates, the value of X509 v3 Certificate Policies extension is incorrect. It is but it should be Inconsistency of the certificate profile and the profile document. Neither exendedKeyUsage nor nsCertType is specified in end entity certificates. address was used in the subject name of end entity certificates. Inappropriate description about renew keys.

Updates Some CAs has modified / is modifying CP/CPS and/or profiles to comply with the new Classic AP. Done AIST Grid CA, APAC Grid CA, CNIC Grid CA, NAREGI CA Ongoing ASGC CA, IHEP CA, KEK Grid CA, NECTEC CA Details will be reported in the next F2F. APAC Grid CA will issue certificates for New Zealand.

Members (13 + 4) 9 Accredited CAs In operation AIST (Japan) APAC (Australia) ASGCC (Taiwan) CNIC (China) IHEP (China) KEK (Japan) NAREGI (Japan) NECTEC (Thailand) Will be in operation NCHC (Taiwan) 1 CA under review NGO (Singapore) Will be re-accredited KISTI (Korea)Planning PRAGMA (USA) ThaiGrid (Thailand) General membership Osaka U. (Japan) U. Hong Kong (China) U. Hyderabad (India) USM (Malaysia)

Next F2F Meeting Date: June 4 th (Mon) Venue: Biopolis, Singapore Co-located event: Grid Asia 2007 Agenda (tentative): Updates from CAs (esp. compliance with thew new Classic AP) Review of MICS profile Discussions on profile of Portal-based CS

Problems in compliance with the new Authentication Profile

AIST s experiences A) User certificates - Added Extended Key Usage x509 Ext Key Usage: = PKIX-IDKP-ClientAuth B) Host certificates - Added Extended Key Usage x509 Ext Key Usage: = PKIX-IDKP-ServerAuth = PKIX-IDKP-ClientAuth - Added Subject Alt Name x509 Subject Alt Name: [2] FQDN of the host - Changed Key Usage removed nonRepudiation x509 Key Usage:[critical] digitalSignature, keyEncipherment, dataEncipherment, (0xb0)

Supposed problems Some CAs need to modify profiles of the Root CA Certificate to comply with the new Classic AP and the proposed Grid Certificate Profile. Marking keyUsage as critical was dropped from MUST to SHOULD, but some root CA certificates does not mark basicConstraints as critical. Some CA embed an address in the subject name of end entity certificates. Probably more (as figured out through the auditing of KEK Grid CA).

Portal-based Credential Services Profile Yoshio Tanaka International Grid Trust Federation APGrid PMA AIST

Schedule 1 st draft by EUGrid PMA Istanbul Will be reviewed at Istanbul followed by APGrid PMA at Singapore. 2 nd draft by TAGPMA Banff 3 rd draft by EUGrid PMA F2f in fall or OGF21

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.