assurance - RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference
Subject: Assurance
List archive
- From: "Dunker, Mary" <>
- To: "''" <>
- Subject: RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference
- Date: Wed, 18 Jul 2012 15:09:29 -0400
- Accept-language: en-US
- Acceptlanguage: en-US
Hi, Tom,
I don't see anything that would apply to protecting private keys held by the
IdP. Are you specifically thinking about the keys associated with exchanging
information with the IdP, or do you mean something like key escrow for
private keys associated with personal certificates? I can look for some
effective practices, and potentially add something to
https://wiki.internet2.edu/confluence/display/itsg2/Encryption+101 .
Mary
-----------------------------------------------------------------
Mary Dunker
Director, Secure Enterprise Technology Initiatives
Virginia Tech Information Technology
1700 Pratt Drive
Blacksburg, VA 24060
540-231-9327
--------------------------------------------------------------------
-----Original Message-----
From:
[mailto:]
On Behalf Of Tom Scavo
Sent: Wednesday, July 18, 2012 1:07 PM
To:
Subject: Re: [Assurance] Information Security Guide to InCommon IAP Cross
Reference
> I'm starting to build a cross reference between the Information
> Security Guide www.educause.edu/security/guide and the IAP at:
>
> https://spaces.internet2.edu/display/InCAssurance/InCommon+Identity+As
> surance+and+HEISC+Information+Security+Guide
>
> So far, I just mapped section numbers from the IAP to section numbers
> from the Guide (and not all IAP sections have mappings.) My question
> is, "Where do we go from here?" Should I change the section numbers
> into links? Should we try to point to more specific resources from the
> Guide? What do you think would be most useful to the Assurance
> community?
Mary, is there specific advice in the Guide regarding private keys held by
the IdP?
Thanks,
Tom
- [Assurance] Information Security Guide to InCommon IAP Cross Reference, Dunker, Mary, 07/18/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/18/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Dunker, Mary, 07/18/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/18/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Dunker, Mary, 07/18/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Roy, Nicholas S, 07/18/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Renee Shuey, 07/18/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Roy, Nicholas S, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Cantor, Scott, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Ian Young, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Cantor, Scott, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/22/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Roy, Nicholas S, 07/20/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Renee Shuey, 07/18/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/18/2012
- RE: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Dunker, Mary, 07/18/2012
- Re: [Assurance] Information Security Guide to InCommon IAP Cross Reference, Tom Scavo, 07/18/2012
Archive powered by MHonArc 2.6.16.