Educause Security Discussion mailing list archives

Re: PKI Certificate Practice Statement

From: Nick Lewis <lewisnic () ACM ORG>
Date: Tue, 4 Mar 2008 21:41:41 -0500

William,

You might want to look into HEPKI-TAG. They have a PKI-Lite CP/CPS template
you could use.

http://middleware.internet2.edu/hepki-tag/

They have details on running a CA and some of the issues. Dartmouth also has
some helpful docs at:

http://www.dartmouth.edu/~deploypki/

What do you want to do with PKI? SSL certs, Web auth, signed documents,
S/MIME, other? I've done a couple different things with PKI and depending on
what you want to do will drive many of the different decisions.

Hope that helps,

Nick

----- Original Message -----
From: "Custer, William L. Mr." <custerwl () MUOHIO EDU>
To: <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Tuesday, March 04, 2008 12:08 PM
Subject: [SECURITY] PKI Certificate Practice Statement


Miami University is evaluating a proposal to become a PKI Certificate
Authority for servers and users on its campus.  Do any schools have

1)      A model Certificate Practice Statement

2)      An analysis of issues for being a Certificate Authority


We are told that Louisiana State is doing this.  Does anyone have contact
information for the Security Presence at LSU?

Current thread:

PKI Certificate Practice Statement Custer, William L. Mr. (Mar 04)
- <Possible follow-ups>
- Re: PKI Certificate Practice Statement John Kemp (Mar 04)
- Re: PKI Certificate Practice Statement Nick Lewis (Mar 04)