Some topics from the OGF20 and the EUGrid PMA F2F Meeting

1. Some topics from the OGF20 and the EUGrid PMA F2F Meeting Yoshio Tanaka Grid Technology Research Center, AIST, Japan

2. Highlights of the OGF21 • Dates: May 7th to 11th • Place: Manchester, UK • More than 900 participants, co-located with EGEE User’s meeting • IGTF Session Agenda • Updates from regional PMAs (15”) • APGrid PMA (Yoshio) • EUGrid PMA (David) • TAGPMA (Darcy) • Problems in compliance with the new Authentication Profile (20”) • Authentication Profiles (20”) • Member Integrated Credential Services AP (Darcy) • Portal-based Credential Services AP (Yoshio) • Hardware Tokens (20”) • Robots (Jens)

3. Highlights of the EUGrid PMA F2F • Dates: May 30th to June 1st • Place: Istanbul, Turkey • About 30 participants • Long time spent for discussions about self-auditing and compliance with the new Classic AP. • Results are in the next slide.

4. Results of the discussion • All members should do a self-audit at least once a year, based on the audit guidelines document • At least once every two years, the results of the self-audit, together with all supporting documentation, should be submitted to two independent peer reviewers endorsed by the PMA -- one experienced one and a novice, for example, as long as there are novices. • The reviewers should independently verify the self-audit, and rate the issues on the scale A, B, C to D and iterate with the authority under review to reach a final conclusion. This conclusion is open for the PMA. • The Authority should make a plan to address the issues found in the review, and correct all issues on which Advice ("D") was given. • The reviewers and the PMA verify that these changes are implemented in a 6-month time frame (at least for "D" advices). • If, after six (6) month, for some very unlikely reason, the issues are still not corrected, the PMA will discuss the issue in the next plenary meeting. This discussion will include considering withdrawing the CA certificate from the distribution.