...
The Trusted Certificate Service (TCS) allows a variety of digital certificates to be offered to research and education institutions served by participating National Research and Education Networks (NRENs). TCS takes advantage of a bulk purchasing arrangement whereby NRENs may issue unlimited numbers of certificates for a flat fee.
The newest iteration of GÉANT's TCS has developed a new Web portal, which is expected to improve the user experience of ordering digital certificates because SAML-based federated access has been built in.
The portal was extensively tested by technical experts from the GÉANT TCS community. It is up-to-date with recent changes to the Secure Hash Algorithm (SHA), which plays an important role in signing digital certificates used to support secure websites. The DigiCert TCS will provide the more secure SHA-2 supported certificates that replace the original SHA-1 type.
Offering
The Trusted Certificate Service (TCS) provides a centralised mechanism to manage digital certificates issued by an internationally trusted Certificate Authority in a more efficientcentralised, cost effective, resilient and simple leveraging on the economy of scale and reducing the overhead
Reason to Act
To satisfy the need of trusted certificates, NRENs were used to find their own arrangements either buying quite expensive certificates from individual CAs or buying cheaper unsigned certificates (that does not provide the required level of security). In addition NREN had to budget man power and expertise to manage the certificate provisioning.
way, enabling NRENs to provide secure services to their users.
Reason to ActCustomer Experience
NRENs today are called to offer a range of services to their custumers/users that are increasingly relying on security and privacy: from ensuring secure communication, to trusted data delivery, to e-commerce. Digital Certificates signed by internally accredited, trusted and recognised Certification Autorities (CA) allow NRENs to provide the required level of security to their users, successfully implementing services for their final users. Finally NRENs could need to resell/offer digitally signed certificated to their users (campuses, research labs, …)
To satisfy the need of trusted certificates, NRENs were used to find their own arrangements either buying quite expensive certificates from individual CAs or buying cheaper unsigned certificates (that does not provide the required level of security). In addition NREN had to budget man power and expertise to manage the certificate provisioning.
Customer Experience
The newest iteration of GÉANT's TCS has developed a new Web portal, which is expected to improve the user experience of ordering digital certificates because SAML-based federated access has been built in. The portal was extensively tested by technical experts from the GÉANT TCS community. It is up-to-date with recent changes to the Secure Hash Algorithm (SHA), which plays an important role in signing digital certificates used to support secure websites. The DigiCert TCS will provide the more secure SHA-2 supported certificates that replace the original SHA-1 type.
Benefits
Cost reduction and more efficient Trust Certificate management, providing the centralised procurement and brokering function for secure digital certificates issued by an internationally trusted and recognised Certification Authority.
...
Commercial certificates (costly, and do not always match needNREN security needs).
NRENs In that case, each NREN has to have their own arrangement with an internationally recognised Certification Authorities (CA) to supply certificates to their community.
Self-signed certificates (lower trust).
...