Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Nov 7 nd, 2008.

Slides:



Advertisements
Similar presentations
© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.
Advertisements

RPKI Certificate Policy Status Update Stephen Kent.
14 th EUGridPMA October 6-8, 2008 Lisbon. 3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – CRL NEXT UPDATE.
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Apr 20 th, 2009.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
CVE , lessons learned and actions David Groep, Nov 7 nd, 2008.
Updates from the EUGridPMA David Groep, Oct 11 th, 2011.
Updates from the EUGridPMA David Groep, Apr 8 nd, 2008.
Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, October 2002 Marco Casassa Mont Richard.
IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.
LiveAP Towards Differentiated Identity Assurance David Groep, Nikhef supported by the Netherlands e-Infrastructure SURFsara, and EGI.eu O-E-15 and EGI-InSPIRE.
Large-scale issuing of host certs in a member-integrated or institutional CA environment.
The CA Distribution Process David Groep, July 2007.
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
NECTEC-GOC CA Self Audit 7 th APGrid PMA Face-to-Face meeting March 8 th, 2010 Large-Scale Simulation Research Laboratory Sornthep Vannarat Large-Scale.
Revocation in MICS §4.4 May 11-13, 2009 Zürich, Switzerland.
Updates from the EUGridPMA David Groep, July 16 st, 2007.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.
EUGridPMA Status, current trends and some technical topics March 2013 Boulder, CO, USA David Groep, Nikhef & EUGridPMA.
A Brief Overview of draft-ietf-sidr-cp-01.txt draft-ietf-sidr-cps-rirs-01.txt draft-ietf-sidr-cps-isp-00.txt Steve Kent BBN Technologies.
Profile for Portal-based Credential Services (POCS) Yoshio Tanaka International Grid Trust Federation APGrid PMA AIST.
EUGridPMA status and updates David Groep, GGF18. EUGridPMA Status Update, TAGPMA Ottawa David Groep – Items  EUGridPMA.
Sam Morrison APAC CA – APGridPMA - ISGC2010 APAC CA Self Audit and status update Sam Morrison ARCS.
KFKI RMKI CA Review EUGridPMA May 26-28, Copenhagen Szabolcs Hernáth MTA KFKI RMKI pki.kfki.hu.
European Grid Policy Management Authority. Event - 2/total Speaker Name – Coverage of the EUGridPMA Green: Countries with an accredited.
IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.
SHA-2, current trends and some technical topics March 2013 Taipei, TW David Groep, Nikhef & EUGridPMA.
EUGridPMA Status, current trends and some technical topics March 2013 Taipei, TW David Groep, Nikhef & EUGridPMA.
Distribution Repository Structure David Groep,
Discussions on the Life Ray Portal and credential management David Groep, Oct 11 th, 2011.
Secure hardware tokens David Groep DutchGrid CA. DutchGrid CA requirements Need for automated clients –from the bioinformatics domain (NBIC BioRange/BioAssist)
IOTA AP Towards Differentiated Identity Assurance David Groep, Nikhef supported by the Netherlands e-Infrastructure and SURFsara.
Updates from the EUGridPMA David Groep, May 9 st, 2007.
Status review and pending issues March 13, 2012 Oxford, UK David Groep, Nikhef, EUGridPMA, EGI and BiG Grid participation supported by IGE, the Initiative.
Updates from the European Side of the Pond David Groep, November 2006.
NECTEC-GOC CA The 3 rd APGrid PMA face-to-face meeting. June, Suriya U-ruekolan National Electronics and Computer Technology Center, Thailand.
EUGridPMA status and updates David Groep, TAGPMA Ottawa Summit 2006.
MICS Authentication Profile Maintenance & Update Presented for review and discussion to the TAGPMA On 1May09 by Marg Murray.
TACAR Updates version David Groep, NIKHEF. 9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Aims  Trusted and.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The Latin American Catch-all Grid Certification.
APGridPMA Update Eric Yen APGridPMA August, 2014.
Baltic Grid Certification Authority 15th EUGridPMA, January 28th 2009, Nicosia1 Self-audit Hardi Teder EENet.
PKI for improved cybersecurity in NATO Partner countries Software Arsen Hayrapetyan, ArmeSFo CA.
TR-GRID CA Self-Auditing Results and Status Update EUGridPMA Meeting September 12-14, 2011 Marrakesh Feyza Eryol, Onur Temizsoylu TUBITAK-ULAKBIM
FP6−2004−Infrastructures−6-SSA [ Empowering e Science across the Mediterranean ] Rome, Tutorial for Certification Authority Managers,
Summary of Poznan EUGridPMA32 September EUGridPMA Poznan 2014 meeting – 2 David Groep – Welcome back at PSNC.
18 th EUGridPMA, Dublin / SRCE CA Self Audit SRCE CA Self Audit Emir Imamagić SRCE Croatia.
Feyza Eryol TÜBİTAK ULAKBİM TR-GRID CA SELF-AUDIT & UPDATES.
14 th EUGridPMA Meeting Update from TAGPMA Jim Basney Lisbon, Portugual October 6-8, 2008 The Americas Grid Policy Management Authority.
EGI-InSPIRE RI EGI (IGTF Liaison Function) EGI-InSPIRE RI IGTF & EUGridPMA status update SHA-2 – and more (David Groep,
UGRID CA Self-audit report Sergii Stirenko 21 st EUGRIDPMA Meeting Utrecht 24 January 2011.
HellasGrid CA self Audit. In general We do operations well Our policy documents need work (mostly to make the text clearer in a few sections) 2.
News from EUGridPMA EGI OMB, 22 Jan 2013 David Kelsey (STFC) Using notes from David Groep 22/01/20131EUGridPMA News.
CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group.
Updates from the EUGridPMA David Groep, Oct 17 st, 2007.
The Americas Grid Policy Management Authority TAGPMA Update Derek Simmel, Scott Rea
29 th EUGridPMA meeting, September 2013, Bucharest AEGIS Certification Authority Dušan Radovanović University of Belgrade Computer Centre.
Self-Audit & Status Report for KEK GRID CA Hiroyuki Matsunaga KEK (High Energy Accelerator Research Organization), Computing Research Center APGridPMA.
IGTF in 10 years enabling the interoperable global trust federation Nikhef, Amsterdam supported the Dutch national e-Infrastructure funded and coordinated.
PKGrid CA Self-Audit 2012 Adeel-ur-Rehman Mansoor Sheikh.
AEGIS Certification Authority
The IGTF Charter Name uniqueness throughout the IGTF is anchored in the Charter Current Charter assigns a namespace to an Authority, implying that the.
جايگاه گواهی ديجيتالی در ايران
Bill Yau HKU Grid Certificate Authority (HKU Grid CA) Self Audit & Status Report Bill Yau
HKU Grid Certificate Authority (HKU Grid CA) CP/CPS Reviewer’s Comments Bill Yau
BG.ACAD CA Self-audit report 2018
Presentation transcript:

Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Nov 7 nd, 2008

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Updates  Propose to change the Classic AP  Improved wording  RobotReady™  Accommodate GFD.125  Better CRL handling  Realistic re-keying  See also IGTF-AP-classis-difference-4-1-to-4-2.pdf

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Identity vetting rules  Updates to better reflect existence of robot certificates

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Wording improvements on CA/RA  New wording to accommodate CP/CPS-es with a secure but novel method for securing CA-RA communications  Updates on the rekeying and renewal section  Better wording and expression of intent

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – The CA issuing system  Improved wording on issuing system

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Certificate Profile – GFD.125 cleanup  Cleanup after accepting GFD.125

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Certificate Profile - OIDs  New text makes it explicit that the OID of the profile MUST be included in the certificates issued under this profile  Also, add relevant 1SCP OID This will enable relying parties to make judgements based on the OIDs … and will get us out of the chicken-and-egg mess

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Revocation  Accommodate on-line CAs that can auto-reissue a CRL frequently, and make up for too-short CRLs

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Subscriber due diligence  Improved wording

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Implementation  EUGridPMA has standing guidelines to implement changes in the profile within 6 mo  Please have a look at these proposed changes

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.