Transcript Document
The Americas Grid Policy Management Authority Darcy Quesnel, CANARIE Background • EUGridPMA participation – From North America: OSG, DOEGrids and CANARIE – Developed minimum requirements for classic PKI’s Background • EUGridPMA membership is growing large • Geographic constraints • www.eugridpma.org Background • Formation of the APGridPMA (AsiaPacific) • Accepted the EUGridPMA classic PKI requirements as production-level profile • Developed additional experimentallevel profile for internal use • www.apgridpma.org Background • Formation of the International Grid Trust Federation (IGTF) • Coordinate profiles between PMA’s – Act as a publishing point Purpose • Bring together relying parties and certificate authorities in the Americas to agree on authentication profiles • Reflect geographic (travel and time zone) realities • Develop new profiles for use by members Profiles • Authentication profiles are minimum requirements for the operation of a authentication infrastructure • Accept the EUGridPMA classic PKI minimum requirements • Developing minimum requirements for a short-lived certificate generation service (Dane Skow) Members • • • • • • • • • OSG, Bob Cowles, Dane Skow TeraGrid, Tony Rimovski Texas High Energy Grid, Alan Sill SDSC, Bill Link FNAL, Frank Nagy Dartmouth, Mark Franklin CANARIE, Darcy Quesnel DOEGrids, Tony Genovese, Mike Helms Hope to add others from North and South America ! Charter • Tony Genovese’s work has agreement by all members • Scope – Provide an accreditation process open to any Grid Authentication service providers in the Americas – Cover only the territory known as the Americas – Work on peering with other regional PMA’s to develop crossdomain trust relationships as coordinated by the IGTF – Develop criteria for determining trust in different types of authentication services – Accredit members authentication services that meet TAGPMA criteria for an authentication profile Charter • Included activities – Developing community best practices – Maintain a publishing point for contact information, accreditation status, and trust anchors – Hold regular meetings – Develop and maintain minimum requirements for supported authentication profiles – Vote and maintain records on all issues that affect accreditation of member authentication services • Excluded activities – Accredit members against public statements of their operations, will not conduct auditing – Will not run an authentication or authorization service itself Future • Formal face-to-face meeting with officer election • Officially list contact information and trust anchors of members on web site Contact • www.tagpma.org • [email protected]