It was reiterated that StuTel and 4Help will revoke a certificate even if the caller can only give them the VT ID number of the person who's certificate is to be revoked and no other caller identity information. The logic behind this is that revoking the certificate, even if malicious, is the "secure" thing to do.
Greg agreed to make the following changes to Joyce's draft procedures:
In the last bullet change "a terminated" to "an" to make it more general.
Add to the procedures to include in the TAS notes field:
Name of caller.
Request the caller's VT ID number and record if given, otherwise skip it.
The reason for revoking the certificate.
Carol Cornish from StuTel commented that they do not actually see that a certificate was revoked. There is no indication on the TAS screens they see to show the certificate was successfully revoked. Trying to revoke a revoked certificate produces and error message with text that says nothing about the cause of the error.
Frank Galligan's response:
In TAS 1.0, there is a message displayed to the TAS operator when the certificate is successfully revoked, however, there is no way in TAS 1.0 to check the revocation status of a certificate - this functionality has been added in TAS 2.0 and will display in a status field when viewing certificates that have been issued to a user.
In TAS 1.0 when trying to revoke a certificate that is already revoked, the OpenCA server does return a generic error message which is displayed to the TAS operator. In TAS 2.0, the TAS operator will be prevented from submitting a revocation request for a certificate that has already been revoked and will receive a specific error message indicating that the certificate is already revoked.
TAS 2.0 will allow the TAS operator to run a certificate revocation status report that will provide details on the revoked certificates in the OpenCA database. Ismael is already working on this report.
If the eToken contains more than one certificate StuTel must compare the upper and lower TAS windows to revoke the correct certificate.
Add to the procedures that unless the user can tell you which certificate to revoke when multiple certificates are present that the default action is to revoke all certificates. This applies to walk-in and phone-in revocations alike.
On a side note: when an employee is separated form university employment (terminated) how can we assure that the eToken is returned and the certificate revoked? We need deprovisioning for certificates. Regarding continued use of a certificate by a separated employee all we can do is revoke the certificate it is up to the application (e.g., online leave report) to check the revocation list. The certificates do have an expiration date.
The date for eProvisioning training on revocation for the VTOC is set for September 5, 2007. These revocation procedures take effect on that date.
4Help requested access to the eProvisioning development server in order to become acquainted with revocation before the day of the training.
Frank Galligan's response:
eProv can issue 4Help testers, certificates on the Pre-Prod system and help installing TAS 1.0 on the machines they plan to use for testing. Frank, Joyce & Rob will work out the details.
Jack Noll has draft web pages on the eProv development server http://www.dev.pki.vt.edu/pdc/new_index.html
Jack pointed out that the Firefox and Mozilla installation instructions are the same on our production pdc website. On the development webiste Jack separated the instructions. Jack will request that SETI Testing & Deployment review the instructions on the development server to verify their accuracy.
A newly, PMA signed, User CPS and Middleware policy documents, are on the development server. These need to be moved to the production server as soon as possible.
Mary commented that Internal Audit would like to complete their audit of the online leave report system component of the PDC project soon. Their aggressive target date is by the August 2007 BOV meeting.
Greg placed a copy of the survey questions on this wiki here.