Transcript Document

The Americas Grid Policy
Management Authority
Darcy Quesnel, CANARIE
Background
• EUGridPMA participation
– From North America: OSG, DOEGrids and
CANARIE
– Developed minimum requirements for
classic PKI’s
Background
• EUGridPMA membership is growing
large
• Geographic constraints
• www.eugridpma.org
Background
• Formation of the APGridPMA (AsiaPacific)
• Accepted the EUGridPMA classic PKI
requirements as production-level
profile
• Developed additional experimentallevel profile for internal use
• www.apgridpma.org
Background
• Formation of the International Grid
Trust Federation (IGTF)
• Coordinate profiles between PMA’s
– Act as a publishing point
Purpose
• Bring together relying parties and
certificate authorities in the Americas
to agree on authentication profiles
• Reflect geographic (travel and time
zone) realities
• Develop new profiles for use by
members
Profiles
• Authentication profiles are minimum
requirements for the operation of a
authentication infrastructure
• Accept the EUGridPMA classic PKI
minimum requirements
• Developing minimum requirements for
a short-lived certificate generation
service (Dane Skow)
Members
•
•
•
•
•
•
•
•
•
OSG, Bob Cowles, Dane Skow
TeraGrid, Tony Rimovski
Texas High Energy Grid, Alan Sill
SDSC, Bill Link
FNAL, Frank Nagy
Dartmouth, Mark Franklin
CANARIE, Darcy Quesnel
DOEGrids, Tony Genovese, Mike Helms
Hope to add others from North and South America !
Charter
• Tony Genovese’s work has agreement by all
members
• Scope
– Provide an accreditation process open to any Grid
Authentication service providers in the Americas
– Cover only the territory known as the Americas
– Work on peering with other regional PMA’s to develop crossdomain trust relationships as coordinated by the IGTF
– Develop criteria for determining trust in different types of
authentication services
– Accredit members authentication services that meet
TAGPMA criteria for an authentication profile
Charter
• Included activities
– Developing community best practices
– Maintain a publishing point for contact information,
accreditation status, and trust anchors
– Hold regular meetings
– Develop and maintain minimum requirements for supported
authentication profiles
– Vote and maintain records on all issues that affect
accreditation of member authentication services
• Excluded activities
– Accredit members against public statements of their
operations, will not conduct auditing
– Will not run an authentication or authorization service
itself
Future
• Formal face-to-face meeting with
officer election
• Officially list contact information and
trust anchors of members on web site
Contact
• www.tagpma.org
• [email protected]