1 / 8

HEPKI-TAG Activities

HEPKI-TAG Activities. January 2004 CSG Meeting Jim Jokl. HEPKI-TAG Activities. Sponsors: I2, Educause, NET@EDU Charter – Technical Activities Group (TAG) Certificate profiles, CA software Private key protection Mobility, client issues Interactions with directories Testbed projects

odette-everett
Download Presentation

HEPKI-TAG Activities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HEPKI-TAG Activities January 2004 CSG Meeting Jim Jokl

  2. HEPKI-TAG Activities • Sponsors: I2, Educause, NET@EDU • Charter – Technical Activities Group (TAG) • Certificate profiles, CA software • Private key protection • Mobility, client issues • Interactions with directories • Testbed projects • Communicate results • Process • Biweekly conference calls • Sessions at higher education events

  3. Activities are focused on enabling campus deployments • Certificate profiles • Fields, content, criticality, etc • Profile repository • PKI-lite framework • Using PKI for “standard” applications • Merged policy and practices document • Profiles with suggestions for implementers • Designed to support S/MIME, Wed Authentication, etc

  4. PKI-lite Technical Assumptions • Certificate revocation capability is up to the institution and is not required • Key usage will not be specified • No requirement for separate signing and encryption certificates • No requirements for key escrow • Fully on-line CAs are allowed. PKI-lite does not specify the level of protection for the campus CA • Simplified user identity assurance

  5. HEPKI-TAG Activities • S/MIME • Client interoperability • Applications, mailing lists, etc • Deployment issues and wish list • Web site • Getting started documents and pointers • Private key protection • Links to open source CA software • Demo sites • CA, Web auth, CPM, Bridge path validation, root repository, root certificate installation

  6. HEPKI-TAG Activities • Briefings on vendor / organization plans • Sun • Apple • OASIS

  7. HEPKI-TAG: next projects • Complete the USHER / InCommon support work • Update work on S/MIME • Windows domain authentication • CA Audits - preparing your internal audit department • EAP-TLS for wireless authentication • Hardware tokens • survey, documentation, recommendations • Introductory materials for sites getting started (CA software, applications, cookbook, etc) • Other possibilities discussed briefly • Grid integration • survey • bridge testing • Document and webform signing

  8. If you are working on PKI deployments • Our website can has a lot of useful information • Consider participating and joining our conference calls • Where to watch • www.educause.edu/hepki • middleware.internet2.edu/hepki-tag • pkidev.internet2.edu

More Related