Soft Personal Digital Certificates project meeting

Monday, November 7, 2011; 3:00 p.m.; AISB-208

Invited

Ismael Alaoui, Phil Benchoff, Susan Brooker-Gross, Al Cooper, Brian Daniels, Kevin Davis, Mike Emero, Mary Dunker, Debbie Fulton, Frank Galligan, Karen Herrington, Kim Homer, Greg Kroll, Sharon Kurek, Joyce Landreth, Randy Marchany, Kevin Rooney, Brenda van Gelder

Agenda

  1. A draft Soft PDC SRS document was published to the project Wiki, Oct 2011 [Soft PDC Software Requirements Specification|SEC:Soft PDC Project Documentation^SoftPDC SRS_v1.pdf]
    1. Testing the publication of SoftPDCs to LDAP begins early Dec 2011
    2. Final review and signoff of the SRS by the SoftPDC project group early Jan 2012
    3. Make SRS available for PMA review process mid Jan 2012
    4. PMA meeting for final approval of SRS mid Feb 2012
  2. The Soft PDC web interface will perform VT affiliation checking along with use of groups to restrict access. What affiliations should be allowed to have Soft PDCs?
  3. The recovery of keys will be performed by SoftPDC administrators in the IMS office using native EJBCA. What is the procedure for key recovery for non-key owners?
    1. Who is authorized to request key recovery for another person’s SoftPDC keys?
    2. What forms/signatures will be required to approve this type of request?
    3. Recovery by an authorized non-key owner will be done in person at the IMS office. The requestor will bring a USB flash drive to store the recovered KP(s).
    4. What credentials will the authorized requestor be required to present?
    5. The SoftPDC administrator in the IMS office will use EJBCA to recover the KP and store it to a password-protected PKCS#12 file on the requestor's USB flash drive.
    6. A use case for key recovery by a non-key owner will be added to the SRS document.

Attended

Ismael Alaoui, Phil Benchoff, Brian Daniels, Mike Emero, Mary Dunker, Debbie Fulton, Frank Galligan, Karen Herrington, Kim Homer, Greg Kroll, Joyce Landreth, Randy Marchany, Kevin Rooney, Brenda van Gelder

Meeting Notes

  1. Production implementation to a select group of users (not the entire university) is expected in the May-June 2012 time frame.
  2. A draft Soft PDC SRS document was published to the project Wiki, Oct 2011
    1. PMA final approval of SRS sounds like a one time occurrence when in fact this is a living document and may have changes after approval. Any changes after approval will be reviewed by the PMA.
  3. The Soft PDC web interface will perform VT affiliation checking along with use of groups to restrict access. What affiliations should be allowed to have Soft PDCs?
    1. Kim Homer has requests from 3 non-state employee groups. These can be supported using ED groups.
    2. There was a discussion regarding what happens when someone loses their supported affiliation. How can that person revoke their certificate if they cannot log in? This could be handled with an out-of-band procedure. Since we do not want to allow these people to authenticate using their soft PDC, we may want to enforce an automatic revocation. Action item: add revocation to the current SRS document.
    3. There was also a discussion about the vt-faculty affiliation. ROTC faculty are vt-faculty who are federal employees and not vt-employee-state. Should the vt-faculty affiliation be removed from the supported affiliations?
  4. The recovery of keys will be performed by SoftPDC administrators in the IMS office using native EJBCA. What is the procedure for key recovery for non-key owners?
    1. Current thinking is that it will be an out-of-band procedure using EJBCA.
    2. This should be a rare occurrence.
    3. Need to educate users that this is a serious procedure and will likely need to be done face to face.
    4. What level of detail is needed for this procedure for the Certification Practices Statement (CPS)?
    5. Mike Emero recommends using a two-person authentication requirement for key retrieval, just like for eToken key issuance.
    6. We have a similar procedure for retrieval of email by non owners (e.g., surviving spouse). All these requests are referred to and dealt with by Jeb Stewart. Action item: Greg will ask Jeb about any such procedure and whether it is in writing somewhere.
    7. IMS needs time to discuss procedures, priorities, etc. if they are expected to support retrieving keys by non-key owners.
    8. Frank mentioned that we could email retrieved keys with encryption and password protection so this process could be done remotely.
    9. This procedure is out of scope for the SRS; however, it will be needed for the CPS and for PMA review and approval in early January 2012.