Updates from the EUGridPMA David Groep, July 16 st, 2007.

Slides:



Advertisements
Similar presentations
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.
Advertisements

Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2.
Template Profile Jens Jensen, STFC RAL GridNet2/ UK e-Science CA OGF22 Boston.
© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.
10 th EUGridPMA Meeting graciously hosted by ULAKBIM Istanbul, TR.
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Apr 20 th, 2009.
Grid Computing in Higher Education (Scott Rea) EDUCAUSE PKI Deployment Forum Madison, WI - April 15, 2008.
INFSO-RI Enabling Grids for E-sciencE Portals and Authentication Issues and Solution Directions from a CA and IGTF Perspective David.
Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.
Authentication Policy David Kelsey CCLRC/RAL 15 April 2004, Dublin
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Policy Issues for Identity Management (and other attributes) EGI Technical.
The EU Grid PMA David Kelsey CCLRC/RAL 16 April 2004, Dublin
Updates from the EUGridPMA David Groep, Oct 11 th, 2011.
Updates from the EUGridPMA David Groep, Apr 8 nd, 2008.
IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.
The CA Distribution Process David Groep, July 2007.
Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Nov 7 nd, 2008.
March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.
TERENA TF-EMC2 Workshop David Groep,
EUGridPMA Status, current trends and some technical topics March 2013 Boulder, CO, USA David Groep, Nikhef & EUGridPMA.
EUGridPMA status and updates David Groep, GGF18. EUGridPMA Status Update, TAGPMA Ottawa David Groep – Items  EUGridPMA.
Sam Morrison APAC CA – APGridPMA - ISGC2010 APAC CA Self Audit and status update Sam Morrison ARCS.
TAGPMA & the Bridge WG (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Activities and Applications Update - Chicago, IL.
European Grid Policy Management Authority. Event - 2/total Speaker Name – Coverage of the EUGridPMA Green: Countries with an accredited.
National Institute of Advanced Industrial Science and Technology Some topics from the OGF20 and the EUGrid PMA F2F Meeting Yoshio Tanaka Grid Technology.
International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2.
Summary of AAAA Information David Kelsey Infrastructure Policy Group, Singapore, 15 Sep 2008.
Discussions on the Life Ray Portal and credential management David Groep, Oct 11 th, 2011.
IOTA AP Towards Differentiated Identity Assurance David Groep, Nikhef supported by the Netherlands e-Infrastructure and SURFsara.
Updates from the EUGridPMA David Groep, May 9 st, 2007.
NRENs, Grids and Integrated AAI In Search For the Utopian Solution Christos Kanellopoulos AUTH/GRNET October 17 th, 2005 skanct at physics.auth.gr 2nd.
Updates from the European Side of the Pond David Groep, November 2006.
NECTEC-GOC CA The 3 rd APGrid PMA face-to-face meeting. June, Suriya U-ruekolan National Electronics and Computer Technology Center, Thailand.
EUGridPMA status and updates David Groep, TAGPMA Ottawa Summit 2006.
Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL
Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA
EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.
JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.
18-May-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) Barcelona 18 May 2004 David Kelsey CCLRC/RAL, UK
TACAR Updates version David Groep, NIKHEF. 9 th EUGridPMA ‘RAL’ meeting – Jan David Groep – TACAR Aims  Trusted and.
APGridPMA Update Eric Yen APGridPMA August, 2014.
The Americas Grid Policy Management Authority TAGPMA Update Derek Simmel 35 th EUGridPMA Meeting Amsterdam, Netherlands.
TR-GRID CA Self-Auditing Results and Status Update EUGridPMA Meeting September 12-14, 2011 Marrakesh Feyza Eryol, Onur Temizsoylu TUBITAK-ULAKBIM
Summary of Poznan EUGridPMA32 September EUGridPMA Poznan 2014 meeting – 2 David Groep – Welcome back at PSNC.
18 th EUGridPMA, Dublin / SRCE CA Self Audit SRCE CA Self Audit Emir Imamagić SRCE Croatia.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.
Welcome to Amsterdam EUGridPMA35 September EUGridPMA Amsterdam 2015 meeting – 2 David Groep – Welcome back in Amsterdam.
14 th EUGridPMA Meeting Update from TAGPMA Jim Basney Lisbon, Portugual October 6-8, 2008 The Americas Grid Policy Management Authority.
The Americas Grid Policy Management Authority TAGPMA Update Derek Simmel 27 th EUGridPMA Meeting Rome, Italy January 14-16, 2013.
EGI-InSPIRE RI EGI (IGTF Liaison Function) EGI-InSPIRE RI IGTF & EUGridPMA status update SHA-2 – and more (David Groep,
News from EUGridPMA EGI OMB, 22 Jan 2013 David Kelsey (STFC) Using notes from David Groep 22/01/20131EUGridPMA News.
An Update from the TAGPMA Scott Rea EuGridPMA Mtg, Berlin, DE Sept 13, 2009 The Americas Grid Policy Management Authority.
Updates from the EUGridPMA David Groep, Oct 17 st, 2007.
29 th EUGridPMA meeting, September 2013, Bucharest AEGIS Certification Authority Dušan Radovanović University of Belgrade Computer Centre.
PRACE user authentication and vetting Vincent RIBAILLIER, 29 th EUGridPMA meeting, Bucharest, September 9 th, 2013.
Security Policy Update WLCG GDB CERN, 11 June 2008 David Kelsey STFC/RAL
IGTF in 10 years enabling the interoperable global trust federation Nikhef, Amsterdam supported the Dutch national e-Infrastructure funded and coordinated.
Classic X.509 AP updates (v4.1)
EUGridPMA CAOPS-WG and IGTF Issues March 2013 Charlottesville, VA, USA David Groep, Nikhef, EUGridPMA, and EGI.
Grids & PKI: TAGPMA & Bridges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.
LCG Security Status and Issues
HellasGrid CA & euGridPMA
Portals and Authentication Issues and Solution Directions from a CA and IGTF Perspective David Groep NIKHEF.
EUGridPMA Status and Current Trends and some IGTF topics March 2018 APGridPMA ISGC Meeting David Groep, Nikhef & EUGridPMA.
Emir Imamagić University Computing Centre (Srce)
Presentation transcript:

Updates from the EUGridPMA David Groep, July 16 st, 2007

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Outline  EUGridPMA: new CAs and profiles  Istanbul discussions  Re-reviewing process

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Green: EMEA countries with an Accredited Authority  24 of 27 EU member states (all except LU, MT, RO)  + AM, CH, HR, IL, IS, NO, PK, RS, RU, TR Other Accredited Authorities:  DoEGrids (.us), GridCanada (.ca), CERN, SEE catch-all EUGridPMA members and applicants

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Membership by type  Under “Classic X.509 secured infrastructure” authorities  accredited: 40 (recent additions: Serbia in 1.14)  active applicants: 6 (Romania, Morocco, Ukraine, FYROM, Iran, Latvia)  Under “SLCS”  accredited: 1 (SWITCHaai)  Major relying parties  EGEE, DEISA, SEE-GRID, LCG, OSG, TERENA

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Developments in Europe  Robots or automated clients  have been proposed in 2002 by Mike Helm et al.  Introduced in the UK in 2006, in NL in 2007  see for examples for tokens  Why?  monitoring use case (classic one) for functional tests  portals and web sites with ‘canned’ jobs, just like the cgi-bin use case  automated tasks (data movers, &c)  use of automated clients needs quite some policy changes, but having secure hardware tokens is a good ingredient

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Other (non-) contentious issues discussed in TR  CRLs for compromised CAs  non-repudiation bit in keyUsage  and how that relates to signing  the Meaning of Locality  and why to use O if you can  objectSigning bits  should we also address who is allowed to get this bit?  should the organisation be involved (Milan)?  or does it only asserts that the code was signed by this user, as is done in the UK, NL, AT and so better keep as is?  auditable traceability in ID vetting and alternative solutions  the meaning of SHOULD

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Self-Auditing  all members should do a self-audit at least once a year, based on the audit guidelines document, which reflects the latest state of the minimum requirements.  To aid in the self-review, the document will be complemented with some examples, and with input from the "Operational Review" spreadsheet that has been very successful in teh TAGPMA. We can work on this during the coming months.  at least once every two years, the results of the self-audit, together with all supporting documentation, should be submitted to two independent peer reviewers endorsed by the PMA  the reviewers should independently verify the self-audit, and rate the issues on the scale A to D, and iterate with the authority under review to reach a final conclusion.  This conclusion is open for the PMA.  the Authority should make a plan to address the issues found in the review, and correct all issues on which Advice ("D") was given.  the reviewers and the PMA verify that these changes are implemented in a 6- month time frame  if, after six (6) month, for some very unlikely reason, the issues are still not corrected, the PMA will discuss the issue in the next plenary meeting. This discussion will include considering withdrawing the CA certificate from the distribution.  The results of this entire process will be private to the PMA. Only in case that an authority is actually withdrawn would it be made public.

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Showing up  Also, please keep in mind that still we would like each CA to send representative to the plenary meeting at least once every 1-2 years. Otherwise, after two years, the PMA will similarly discuss this. And, of course, everyone should be willing to act as a reviewer at least once a year :-)

3 rd TAGPMA ‘Austin’ meeting – Nov David Groep – Internal status table

Some dates for you to remember and schedule  September 4-5, 2007 TF-EMC2 meeting, Prague, CZ  September 19-21, th EUGridPMA meeting, Thessaloniki, GR  October – OGF 21 CAOPS, IGTF, …, Seattle (WA), USA  November NREN-Grid Workshop on Identity Federation, Malaga, ES  January 14-16, th EUGridPMA meeting, Amsterdam, NL

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.