Versions Compared

Old Version 6

changes.mady.by.user Reimer Karlsen-Masur

Saved on

compared with

New Version 7

changes.mady.by.user Reimer Karlsen-Masur

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • VMs  
  • Service Monitoring 
  • Backup/restore/archiving - data retention (ties into GDPR)
  • Source code repositories (non-public and public)
  • PKI:
    • Strategy
    • certbot
    • tcs
    • edpki ca
    • let'sRadsec <= very eduroam specific? i.e. s
    • cab forum (related, maybe come down to lobby work?)
    • Certificate transparency
  • Security Operations Centre (SOC)
  • FLS (service desk)

WHAT

...

PKI:

  • Develop a PKI strategy for GN4 that will somehow put the PKI related GN services (such as TCS, eduPKI (knowledge center & CA), let'sRadSec, certbot, Certificate Transparency efforts and potential lobbying work at fora and organisation) into perspective. Shaping the services.
  • Develop and enhance tools and services (like certbot, let'sRadSec, TCS and eduPKI CA) to ease and broaden the use of PKI within the GN world.
    • certbot should be able to be used by server admins of standard web-servers and RadSec-servers to request and deploy certificates from ACMEv2 compatible CAs, like from TCS and eduPKI CA
  • Providing independent services to strengthen the trust into public web-PKI and NREN / GN internal PKI by making the used PKI more transparent.
  • Providing certificate services that are based on GN/NREN requirements but independent from PKI developments outside of control GN and NRENs → "internal PKI"
  • Lobbying for GN/NREN specifics as an interested 3rd party at CA/Browser Forum

HOW/WHEN

tbd



Post-Its:

AAI Pilots also need PROD stuff like securing, monitoring, policy

...