Re: InCommon Certificate Service: Personal Certs?

["Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>]

Hi Martin:
We are using it - this is a relatively new service for us.  We vet via our Central Login Service for the personal certs 
and then have a stronger vetting process for the server certs.
- Kevin


Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master Certified
Assistant Vice President, Information Security & Special Projects
University of Cincinnati
513-556-9177
 
The University of Cincinnati is one of America's top public research institutions and one of the region's largest 
employers, with a student population of more than 42,700.



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Martin 
Manjak
Sent: Thursday, January 19, 2012 9:59 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] InCommon Certificate Service: Personal Certs?

A few months ago I posted a request asking about certificate management
practices from those schools who were enrolled in the InCommon
certificate service.

Today I'm asking if any one using that service is issuing personal
certificates?

If so, do you require an additional level of vetting?

What are people using the personal certs for (non-repudiation, integrity
assurance, encryption, authentication)?

And finally, how might these personal certs differ from the Free Secure
Email Certificates that Comodo is offering to the general public
(http://www.instantssl.com/ssl-certificate-products/free-email-certificate.html).


Feel free to reply off list is you prefer (mmanjak () albany edu), and I'll
be happy to compile and anonymize answers for a summary posting to the list.

-- 

Martin Manjak
CISSP, GIAC GSEC-G
Information Security Officer
University at Albany
MSC 209 518/437-3813

The University at Albany will never ask you to reveal your password.
Please ignore all such requests.