TACAR TERENA Academic CA Repository - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

TACAR TERENA Academic CA Repository

Description:

TACAR (TERENA Academic Certification Authority Repository) TACAR is an on-line repository containing root-CA certificates (trust anchors) ... – PowerPoint PPT presentation

Number of Views:44
Avg rating:3.0/5.0
Slides: 10
Provided by: vale200
Category:

less

Transcript and Presenter's Notes

Title: TACAR TERENA Academic CA Repository


1
TACARTERENA Academic CA Repository
Licia FlorioTERENA
2
Why TACAR?
  • Europe never managed to deploy PKI on a large
    scale (hierarchy of PKIs and bridge PKI failed)
  • NRENs have set up a PKI but
  • - How to use NREN certificates outside the NREN
    domain?
  • - How to get all the root-CA certificates
    ('trust-anchor') needed by users browsers or
    mailers?

3
The Idea..
  • PKI scenario was not promising
  • But then Jan Meijer (SURFnet)s proposal
  • Collect all the NRENs Root CA certificates in a
    single file
  • Install the file in the browsers

4
What TACAR is
  • TACAR (TERENA Academic Certification Authority
    Repository)
  • TACAR is an on-line repository containing root-CA
    certificates (trust anchors)
  • The trust anchors belong to
  • NRENs,
  • National Academic PKI in the TERENA member
    countries (NPKIs) or
  • Non-profit research projects directly involving
    the academic community.

5
Objectives
  • Provide means to build a PKI-based Web of trust
    among the European academic community and beyond
  • Without the administrative overhead of a root- or
    bridge-CA
  • Based on two basic principles
  • Lets just start and see what happens
  • Keep it simple (although more formalisation has
    been requested and incorporated)

6
Policy
  • Registration procedure (mandatory)
  • A letter of registration is collected by TERENA
    representatives when incorporating a new CA
  • Accreditation Procedure (optional)
  • Aimed at simple interactions using PGP-keys
  • Allows for electronic updates
  • Policy document on line at http//www.terena.nl/t
    ech/task-forces/tf-aace/tacar/

7
TERENAs role
  • TERENA is responsible for
  • The authentication process of the applying CA
  • Publishing the certificates and allow for a
    download in a secure way (https)
  • Keeping the Web page up-to-date

8
Present
  • The repository is up and running
  • 16 CAs online
  • Download as a PKCS7 bundles or individually
  • TACAR endorsed by e-Infrastructure Reflection
    Group of the EC
  • NRENs certificates and Grid certificate
  • http//www.terena.nl/tech/task-forces/tf-aace/taca
    r/

9
Future
  • Collect more certificates
  • But we are not greedy
  • Improve the usability of the TACAR site
  • Making it even more simple
  • Evolve policy and procedures
  • Experience will teach
  • Using it
  • Experiment with it (in connection with bridges,
    PMAs etc.)
Write a Comment
User Comments (0)
About PowerShow.com