10 th EUGridPMA Meeting graciously hosted by ULAKBIM Istanbul, TR.
-
Upload
kaylynn-buckingham -
Category
Documents
-
view
217 -
download
0
Transcript of 10 th EUGridPMA Meeting graciously hosted by ULAKBIM Istanbul, TR.
10th EUGridPMA Meetinggraciously hosted by ULAKBIM
Istanbul, TR
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 2
David Groep – [email protected]
Welcome at theBogazici University, Faculty of Engineering
Welcome from the Organisers
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 3
David Groep – [email protected]
A historic moment
20th grid CA coordination meeting in Europe
From: Kelsey, DP (David)Sent: Monday, November 20, 2000 8:10 PM To: Francois Etienne (E-mail); 'Kors Bos' Subject: CA/Security contacts (DataGrid)
Dear Francois, Kors,
I have had no nominations for security contacts for the meeting on "Certificates for Testbed0" for CNRS or NIKHEF yet.
Please let me know who I should invite.
Regards, Dave ------------------------------------------------ Dr David Kelsey Computing & Resource Management Particle Physics Department Rutherford Appleton Laboratory Chilton, DIDCOT, OX11 0QX, UK
e-mail: XXXXXXXXXX@XXXTel: [+44](0)1235 XXXXXX (direct) Fax: [+44](0)1235 XXXXXX ------------------------------------------------
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 4
David Groep – [email protected]
Still the same issues, but we have learnt much!0. Aims of meeting. Agreement of agenda. Notes/minutes?
1. Roundtable status report.
2. Authentication vs Authorisation I see this to be a major architectural decision. … What should the certificate verify? Just the identity … or also something about membership of particular experiements?
3. How many CA's should be used in the DataGrid testbed?
4. Does a hierarchy add value? Should/can we sign national certificates by a single HEP-root CA?
5. What is the scope of the certificates?
6. Revoking certificates.
7. Naming. What constraints are there on the name fields?
8. What can we learn from other GRID projects or other PKI initiatives? - input to Terena PKI meeting (6th December)?
9. Procedures for running CA's and issuing certificates. We need to convince each other that our certificates can be "trusted".
10. Other issues Period of Validity (CA's, Servers, Users) Key lengths User education Instructions for system managers
11. Who is doing authorisation if we don't? WP2?
12. Storage of certificates? LDAP? agenda 1st EDG CACG meeting, December 2000
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 5
David Groep – [email protected]
Teleconferencing capabilities
VRVS room “Plane”, access code “PMA2007” H323 via the ESnet gateway (dial “88IGTF”)
Istanbul is at GMT+3!!
Aid remote participants – upload your presentations
http://www.eugridpma.org/agenda/fullAgenda.php?ida=a063 Password: *******
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 6
David Groep – [email protected]
Agenda Overview
Update APGridPMA1400
NTUU/KPI
transport0900
AEGIS
1SCPsGrid Cert Profile
Signing Party/TACAR
CA Update:
Update: GridIreland
Meeting Planning
transport 1730
Contentious Issues:• levels of assurance
RP Requirementharmonization
Future directions
Reserved
MONDAY TUESDAY WEDNESDAYIntroduction
Agenda
ROSA
Chair Election
Morocco
OCSP Update
Profiles OverviewMICS Profile
Auditing Guidelines
Change Management
hardware tokens
robot cert progress
NIST PKI ConferenceHighlights &reflections
transport
1600
19.30 Golden Age 1!
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 7
David Groep – [email protected]
Tonight
Meet at 19.30 hrs at the Golden Age 1 hotel lobby
For dinner "Degüstasyon" at Istiklal-Taksim (close to the
hotel) where there will be traditional Turkish food, drink and music!
Note that google maps is updated also indicating the restaurant at local pages.
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 8
David Groep – [email protected]
Round of Welcome and Introduction
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 9
David Groep – [email protected]
Minutes from the Last Meeting
Thanks to Mike Helm, Emir Imamagic
Comments and modifications? New volunteers for this time?
Agenda bashing …
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 10
David Groep – [email protected]
Green: EMEA countries with an Accredited Authority
24 of 27 EU member states (all except LU, MT, RO) + AM, CH, HR, IL, IS, NO, PK, RU, TR
Other Accredited Authorities: DoEGrids (.us), GridCanada (.ca), CERN, SEE catch-all
EUGridPMA members and applicants
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 11
David Groep – [email protected]
The story so far …
0
10
20
30
40
Mar
-01
Sep-0
1
Mar
-02
Sep-0
2
Mar
-03
Sep-0
3
Mar
-04
Sep-0
4
Mar
-05
Sep-0
5
Mar
-06
Sep-0
6
acc
red
ited
CA
sFoundation of the IGTF
allows migration of CAs to Regional PMA
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 12
David Groep – [email protected]
Membership by type
Under “Classic X.509 secured infrastructure” authorities accredited: 39 (recent additions: BG.ACAD) active applicants: 5
(Serbia, Romania, Morocco, Ukraine, Macedonia)
Under “SLCS” accredited: 1 (SWITCH-aai) active applicants: 0
Under MICS draft none yet of course
Major relying parties EGEE, DEISA, SEE-GRID, LCG, TERENA
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 13
David Groep – [email protected]
IGTF Global Status per December 2006
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 14
David Groep – [email protected]
TAGPMA Status and Updates
information from Darcy Quesnel and Alan Sill
New Chair:
Vinod Rebello, UFF, Brazil
New Vice-Chair:
Jim Marsteller, PSC, USA
New Secretary:
Marg Murray, TACC, TX, USA
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 15
David Groep – [email protected]
TAGPMA Status and Updates
information from Darcy Quesnel
Currently Operating CAs
• DoEGrids
• GridCanada
• BRGrid (Brazil)
Recently passed (now completing operational review)
• EELA Catch-All
• TACC Root and Classic (TX, USA)
• REUNA (Chile)
• Venezuela
• Mexico
10th EUGridPMA ‘Istanbul’ meeting – May/June 2007 - 16
David Groep – [email protected]
Round Table Updates