EJBCA meeting for Policy - Migrating Root, MW, Server to EJBCA 

• Attendees:
  Randy Pelt
• Karen Herrington
• Ismael Alaoui
• Frank Galligan
• Phil Benchoff
• Randy Marchany
• Mary Dunker 

Intro by Frank. Need to migrate keys as well as certificates 

Frank and Ismael will work through the policy documents first and then present proposed changes to this small group. William Dougherty would be a good addition to the group, or to proof read. Documentation will be kept at EJBCA (Enterprise Java Beans Certificate Authority) 

Internal Audit meeting will be held soon, including Randy Pelt. Internal Audit will be invited to these small meetings on policies. 
Need risk assessment. May be part of project planning process. Risks, controls to mitigate risks, etc. need to be considered.

Mary's questions:

1. Will we still need Middleware CA?
   Answer: Current plan is to migrate with same structure as today. We can discuss whether or not the Middleware CA is still needed. Middleware is currently testing a new ceritficate profile.
2. Will auditors be OK w/online CA?
   Answer: One of the existing CPS documents says subordinate CAs can be either offline or online. RootCA is still offline.
3. Will auditors be OK w/approval changes?
4. Will changes impact our ability to qualify for InCommon silver?
5. How will we plan for external trust?
6. (For User CA migration to EJBCA) Will we/should we plan to issue "soft" PDCs?