Upload
wesley-hudson
View
214
Download
0
Embed Size (px)
Citation preview
Second Annual Meeting of the Romanian Tier-2 Federation
RomanianGRID CASTATUS
05.12.2008
Cosmin Nistor; Alexandru BobeRomanian Space Agency (ROSA)
agentia spatiala romana - romanian space agency
RomanianGRID CA
• RomanianGRID CA was established and is operated by the Romanian Space Agency (ROSA), a public institution supervised by the National Authority for Scientific Research – Ministry of Education and Research in Romania.
• Purpose: A top level Certification Authority to provide PKI services for the GRID activities of the Research and Academic communities in Romania
agentia spatiala romana - romanian space agency
RomanianGRID CA
• The CP/CPS document describes the rules and procedures followed by the RomanianGRID CA for issuing certificates. It is structured in accordance with RFC 3647.
Document name
“RomanianGRID CA Certificate Policy and Certification Practice Statement”
Version 1.4Document date
23 September 2007
O.I.D. 1.3.6.1.4.1.27103.9.1.2.1.1.4
agentia spatiala romana - romanian space agency
RomanianGRID CA
RomanianGRID CA Status
• RomanianGRID CA reached the “Production” status on the 9th of October 2007, when the CA was included in the IGTF Distribution of Authority Root Certificates
https://dist.eugridpma.info/distribution/igtf/
agentia spatiala romana - romanian space agency
RomanianGRID CA
EUGridPMA
agentia spatiala romana - romanian space agency
RomanianGRID CA
Facts and Figuresafter 1 Year
agentia spatiala romana - romanian space agency
RomanianGRID CA
agentia spatiala romana - romanian space agency
RomanianGRID CA
Certificates
Root certificate (CA certificate) validity:Saturday, September 30, 2017 7:56:22 PM GMT+03:00
User / Server valid certificatesNov 2007: 24 / 32 (56)Dec 2008: 51 / 60 (111)
Total certificates111 valid / 15 revoked / 46 expired
agentia spatiala romana - romanian space agency
RomanianGRID CARA User certs Server certs
IFIN-HH 13 8
ISS 8 6
UPB 5 9
ICI 6 17
UTC-N 11 6
ROEDUNET-IASI 1
ITIM 3
UVT 5
UB 3 3
UCv 1
CSA-INCAS 1 3
INCDMF
ROSA 2
agentia spatiala romana - romanian space agency
RomanianGRID CA
Incidents
CVE-2008-0166 vulnerability (May 2008)“OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-base operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.”
• All IGTF accredited CA run tests on their certificates.• Fortunately RomanianGRID CA issued only 1 affected
certificate. • Action taken: certificate revocation
agentia spatiala romana - romanian space agency
RomanianGRID CA
Thank you