VT Certification Authority Services

1
VT Certification Authority Services
Secure Enterprise Technology Initiatives Internet
Application Development

e-Provisioning Group
Frank Galligan frankg_at_vt.edu Bahaa Al-Amood
balamood_at_vt.edu
2
Topics

• What is the VTCA?
• How does it impact me?
• How do I get the VTCA Root certificate?
• Where can I find information about the VTCA?
• How do I request a certificate?

3
What is the VTCA?
Certificate Policy Document Director for Policy
Strategic Initiatives

• Certification Authority
• VP Information Technology
• University Security Office
• Generates and Revokes Certificates
• Publishes Revocation Lists
• Administers the CA Hardware Security Module

• Technical Support
• University Computing Support
• e-Provisioning Group, IAD, SETI

Relying Party Person or application trying to
establish trust in a Certificate

• Registration Authority
• University Security Office
• Verifies and vouches for the identity of users
• Generates / Approves Requests for Issuance or
• Revocation of a Certificate

• Subscriber
• VT Campus Community
• Requests Web Server or Middleware Client
  Certificates
• Uses Certificate to setup Secure Web Server or
  Authenticate to ED-ID

4
How does it impact me?
Does your department run a Secure Web Server?
Verisign 349 Thawte 140
VTCA 0

• Browser Configuration Requirements
• Trusted Root Certification Authorities
  

• Web Server Configuration Requirements
• Trusted Chain of Certification Authorities
• SSL Web Server Certificate

5
How do I get the VTCA Root Certificate?
SSL/TLS

• VTCA Root Certificate Deployment Project
• Accessing the VTnet 2004 CD
• Accessing my.vt.edu web page
• Dell machines using VT provided images
• Links on computing.vt.edu security page
• University wide public key infrastructure
  deployment memo
• Freshmen orientation brochure
• Downloading the VTCA Root from www.pki.vt.edu

6
Where can I find information?
www.pki.vt.edu

• Section
• Getting Started
• Subscribers
• Policies
• Developer
• News
• Help

• Focus
• VTCA Root Download and Installation
• Certificate Request Procedures
• VTCA Certification Policy Document
• Technical FAQ and How To
• Media Publications about VTCA
• Glossary, Contact Info, Site Map

7
Key and Certificate Life Cycle
Key Generation Public/Private Keys
Expiration/ Revocation
Request Certificate www.pki.vt.edu
Usage SSL configuration
Registration Approve/Reject
Distribution Email Notification
Certification Issue Certificate
8
Questions?
Secure Enterprise Technology Initiatives Internet
Application Development

e-Provisioning Group
Frank Galligan frankg_at_vt.edu Bahaa Al-Amood
balamood_at_vt.edu

Slides available at www.pki.vt.edu/pki/learn_more.
html