Cert Service Webinar Evaluation

[Paul Caskey <>]

Hello fellow group members!

 

On our last call, we briefly discussed a minor process change that we’d like feedback on.

 

It involves getting InCommon out of the process of manual activation of new domains in the Certificate Manager system and relying solely on DCV (Domain Control Validation).

 

Currently, subscribers to the cert service must send an email to and request that new domains be activated and then they must also complete the DCV process.

 

The manual activation adds little, if anything, to security.  It then becomes a business need for InCommon to make sure that domains from non-subscribers don’t get activated in the system (e.g. some admin decides to add a friend’s domain to their org and can convince the friend to do the DCV process. ).  An occasional manual review can detect such domains were they to enter the system.

 

The new process is detailed in this google doc: https://docs.google.com/document/d/1R9prWSGE3B2_q4mOz14oQhsMwyVWq05vNSExrGtbjaE/edit

 

Please take a look and provide any feedback to the group before the end of this next week, Friday 11/20.

 

Thank you all for participating in the group.

 

 

Have a good weekend!