terena server certificate service
play

TERENA Server Certificate Service Towards the large-scale use of - PowerPoint PPT Presentation

Sep 24, 2022 •563 likes •673 views

TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European Research & Educational community Jan Meijer Amsterdam, 24 Januari 2006 High-quality I nternet for higher education

  1. TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European Research & Educational community Jan Meijer Amsterdam, 24 Januari 2006 High-quality I nternet for higher education and research

  2. .EU NRENs did som ething cool Just contracted a service to deliver server certificates • popup free • flat rate • unlimited number • to the European NREN community price is under NDA but...worth our while High-quality I nternet for higher education and research

  3. high quality service • Re-use existing RA organisation • Certificate profile flexibility (Grids!) • Option for fully electronic RA procedures • Option for easy server certificate delivery • NREN-specific branding! • When that time comes: in the high assurance server certificate market High-quality I nternet for higher education and research

  4. Service organisation • TERENA contracts with supplier • NRENs contract with TERENA (liability!) • NRENs are ‘delegated RA’ for the supplier • TERENA appoints delegated RAs • NRENs are responsible for delivering RA services and technical support High-quality I nternet for higher education and research

  5. So how , w hy? • Project started in june 2004 • European NREN PKIs around for ~ 7 years • Real certificate use limited: – webservers (popup-free and popup) – Grids (closed community) • Anticipated growth in need: – AAI middleware services – Web-based ‘stuff’ (mail, e-learning, webservices etc.) – VPN, email High-quality I nternet for higher education and research

  6. Servicing anticipated need • Community is interested in server certificates • Use is limited by: – popup problem (NREN PKI) or – cost (commercial CA) • So solve either of these problems and the need can be serviced ☺ High-quality I nternet for higher education and research

  7. Solution 1 : solve popup-problem • Cost good (is it?) • Popup problem bad – Fix by getting root certificate in root repositories – Requires webtrust audit – Expensive for an individual NREN PKI (~ 25.000 first time, annual ~ 25.000 for the audits, plus all the costs to do things exactly according to guidelines) - -> CA hierarchy adds to cost! • Is running our own CA that interesting? • Own CA for smaller communities: same problem High-quality I nternet for higher education and research

  8. Solution # 2 : Solve cost problem • Try to contract a CA already in the browser • To issue server certificates against NREN conditions – flexible certificate profiles – tailored RA procedures – no per-certificate payment High-quality I nternet for higher education and research

  9. W ent for option # 2 , together • 8 NRENs + TERENA combined forces (proposal launched feb. 2005) • Investigated market • Investigated EU tender guidelines • Ran a light-weight tender (start Sep 2005) • Signed a contract (Jan 2006) High-quality I nternet for higher education and research

  10. CSI RT benefit? it w ill m ake it lam e not to use SSL/ TLS channels w ithin the European NREN com m unity Thank you. TERENA (.eu), ACOnet (.at), CARnet (.hr), CESnet (.cz), UNI-C (.dk), RedIRIS (.es), RENATER (.fr), SURFnet (Netherlands), SWITCH (.ch) High-quality I nternet for higher education and research

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

TERENA Certificate Service Milan Sova CESNET Agenda History TCS Structure Procedures

TERENA Certificate Service Milan Sova CESNET Agenda History TCS Structure Procedures

TERENA Certificate Service Milan Sova CESNET Agenda History TCS Structure Procedures Conclusions History pop-up free server certificates History: SCS TERENA Server Certificate Service summer 2004: first idea

176 views • 17 slides
TERENA Certificate Service (TCS) 9 June 2011 Background Many NRENs had set-up a CA, but

TERENA Certificate Service (TCS) 9 June 2011 Background Many NRENs had set-up a CA, but

TERENA Certificate Service (TCS) 9 June 2011 Background Many NRENs had set-up a CA, but certificates issued were not trusted by web browsers (the pop-up problem). Purchasing certificates directly from commercial CAs is expensive

295 views • 11 slides
TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop

TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop

GLIF Tech Winter meeting Hong-Kong, China 24 February, 2011 Peter Szegedi, PDO szegedi@terena.org www terena org www.terena.org TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop series About

587 views • 25 slides
Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS) d.w.chadwick@salford.ac.uk The Problem PKI clients cannot search for specific X.509 attributes stored in LDAP directories, e.g. Find the encryption PKC for

667 views • 23 slides
TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA

TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA

15 February, 2011 Ljubljana, Slovenia Peter Szegedi, PDO szegedi@terena org szegedi@terena.org www.terena.org TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA offers a forum to collaborate,

292 views • 17 slides
TERENA Trusted Cloud Drive pilot STATUS UPDATE Motivations Since 2 0 1 0 , TERENA has been

TERENA Trusted Cloud Drive pilot STATUS UPDATE Motivations Since 2 0 1 0 , TERENA has been

TF-Storage meeting 26-27 September 2012 Dubrovnik, Croatia Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org TERENA Trusted Cloud Drive pilot STATUS UPDATE Motivations Since 2 0 1 0 , TERENA has been actively

545 views • 21 slides
Applications and Services Motivations, history 1 t E2E W 1st E2E Workshop in 2008 k h i 2008

Applications and Services Motivations, history 1 t E2E W 1st E2E Workshop in 2008 k h i 2008

3rd E2E Provisioning Workshop Prague, Czech Republic 29-30 November, 2010 Peter Szegedi, PDO szegedi@terena.org www terena org www.terena.org TERENA TERENA End-to-End (E2E) Provisioning Workshop series 3rd workshop on Applications and

540 views • 15 slides
A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13,

A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13,

Testbeds as a Service Building Future Networks A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13, 2013 From Innovation to Infrastructure Network Innovation requires testing to prove out...

360 views • 24 slides
2 3 4 Service Server Client Server ConnecOon Recovered!

2 3 4 Service Server Client Server ConnecOon Recovered!

PresentedatDSNDCCS2011inHongKongon6/28/11 TRODS TransparentRecoveryfor ObjectDeliveryServices Wya$Lloyd ,MichaelJ.Freedman PrincetonUniversity 2 3 4 Service

393 views • 36 slides
May 9, 2019 SWAC Meeting Transfer of Sanitary Service Certificate No. 2 from Cornelius

May 9, 2019 SWAC Meeting Transfer of Sanitary Service Certificate No. 2 from Cornelius

May 9, 2019 SWAC Meeting Transfer of Sanitary Service Certificate No. 2 from Cornelius Disposal Service, Inc. to Evergreen Disposal & Recycling, Inc. Theresa Koppang Solid Waste Management Supervisor May 9, 2019 Certificate Transfer

178 views • 7 slides
Network as a Service principle virtual CPE as a Service TERENA Network Architects Workshop Victor

Network as a Service principle virtual CPE as a Service TERENA Network Architects Workshop Victor

Network as a Service principle virtual CPE as a Service TERENA Network Architects Workshop Victor Reijs, HEAnet victor.reijs@heanet.ie 22 November 2012 1 Agenda Clouds and XaaS services... OpenFlow, SDN and NaaS... Why Network as a

462 views • 23 slides
TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL

TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL

TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL CA TERENA Personal CA TERENA eScience Personal CA TERENA Code Signing CA Concept CA as SAML SP RAs as SAML IdPs

814 views • 10 slides
Introduction to eduCONF Service Rui Ribeiro (FCCN) GN3 eduCONF - TERENA NRENum.net Joint Workshop

Introduction to eduCONF Service Rui Ribeiro (FCCN) GN3 eduCONF - TERENA NRENum.net Joint Workshop

Introduction to eduCONF Service Rui Ribeiro (FCCN) GN3 eduCONF - TERENA NRENum.net Joint Workshop Amsterdam 18 th March 2013 connect communicate collaborate Videoconference Tipical Situation I need to setup a VC meeting! What is the IP

756 views • 10 slides
Vermont Public Service Board Certificate of Public Good Review Process Vermont Public Service

Vermont Public Service Board Certificate of Public Good Review Process Vermont Public Service

Vermont Public Service Board Certificate of Public Good Review Process Vermont Public Service Department Aaron Kisicki May 28, 2015 NDCAP Meeting 10 V.S.A. 6522 Entergy must receive 248 CPG for ISFSI PSB findings: Adequate

469 views • 4 slides
Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus

Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus

Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus Sjstrm, Linkping University Josef Gustafsson, Linkping University Niklas Carlsson, Linkping University Proc. PAM , Berlin, Germany, Mar. 2018

1.11k views • 72 slides
EGEE II - Network Service Level Agreement (SLA) Implementation 4th TERENA NRENs and Grids

EGEE II - Network Service Level Agreement (SLA) Implementation 4th TERENA NRENs and Grids

Enabling Grids for E-sciencE EGEE II - Network Service Level Agreement (SLA) Implementation 4th TERENA NRENs and Grids Workshop - AMSTERDAM, 2006-12-06 Vassiliki Pouli (GRNET/NTUA) www.eu-egee.org EGEE-II INFSO-RI-031688 Outline Enabling

407 views • 14 slides
Beyond NREN Networks Jrgen Qvist TERENA workshop Copenhagen, 21 st -22 nd , November 2012

Beyond NREN Networks Jrgen Qvist TERENA workshop Copenhagen, 21 st -22 nd , November 2012

NORDUnet Nordic I nfrastructure for Research & Education Beyond NREN Networks Jrgen Qvist TERENA workshop Copenhagen, 21 st -22 nd , November 2012 NORDUnet Nordic infrastructure for Research & Education DANTE National and regional

429 views • 23 slides
CS 525M Mobile and Ubiquitous Computing Seminar Ted Goodwin Mitigating Routing Misbehavior

CS 525M Mobile and Ubiquitous Computing Seminar Ted Goodwin Mitigating Routing Misbehavior

CS 525M Mobile and Ubiquitous Computing Seminar Ted Goodwin Mitigating Routing Misbehavior in Mobile Ad Hoc Networks Sergio Marti, T.J. Giuli, Kevin Lai, and Mary Baker Department of Computer Science Stanford University Stanford, CA

454 views • 34 slides
Social and Technological Networks Rik Sarkar University of Edinburgh, 2017. Course specifics

Social and Technological Networks Rik Sarkar University of Edinburgh, 2017. Course specifics

Social and Technological Networks Rik Sarkar University of Edinburgh, 2017. Course specifics Lectures Tuesdays 12:10 13:00 7 Bristo Square, Lecture Theatre 2 Fridays 12:10 13:00 1 George Square, G.8 Gaddum LT Web

897 views • 31 slides
Teaching testing to programmers. What sticks, and what slides off? A journey from Teflon to

Teaching testing to programmers. What sticks, and what slides off? A journey from Teflon to

NW SOFTW ARE QUALITY CIFIC CONFERENCE A P Teaching testing to programmers. What sticks, and what slides off? A journey from Teflon to Velcro. Robert Sabourin and Mnica Wodzislawski 12-October-2020 A journey from Teflon to Velcro

310 views • 11 slides
JRA4 Overview Javier Orellana JRA4 Coordinator EGEE is a project funded by the European Union

JRA4 Overview Javier Orellana JRA4 Coordinator EGEE is a project funded by the European Union

EGEE Kick Off Meeting SA2 Session University College Cork Cork 18-23 April 2004 www.eu-egee.org JRA4 Overview Javier Orellana JRA4 Coordinator EGEE is a project funded by the European Union under contract IST-2003-508833 Contents EGEE

502 views • 16 slides
and African Academia Research and education networking in Africa 11 th AfriNIC Public Policy

and African Academia Research and education networking in Africa 11 th AfriNIC Public Policy

Internet Number Resources and African Academia Research and education networking in Africa 11 th AfriNIC Public Policy Meeting Dakar, 26 November 2009 Boubakar Barry Research and Education Networking Unit Association of African Universities 1

725 views • 24 slides
Mo#va#on In the near future the ICT sector is expected

Mo#va#on In the near future the ICT sector is expected

Mo#va#on In the near future the ICT sector is expected to contribute approx. 3% of global carbon emissions, possibly overtaking the avia#on industry.

756 views • 26 slides
INTERNATIONAL NETWORK DAN TWOHILL daniel.twohill@reannz.co.nz 2 REANNZ Lunch 19

INTERNATIONAL NETWORK DAN TWOHILL daniel.twohill@reannz.co.nz 2 REANNZ Lunch 19

REANNZ LUNCH 19 14TH AUG INTERNATIONAL NETWORK DAN TWOHILL daniel.twohill@reannz.co.nz 2 REANNZ Lunch 19 International Network TRAFFIC TYPES 1. International R&E 2. Domestic 3. Caches 4. Commodity Internet 5 REANNZ

444 views • 22 slides

More recommend