TechTalks Event
Campus Certificate Authorities
with guest expert Jeff Schiller
April 13, 2000
Audio
• Streaming
MP3
• Download
MP3 (Download
Tips)
What's the difference between certificates used for signing and those used for encryption? What is the relationship between certificates and directories? What are the different types of directories? Is LDAP the only kind of directory that can be used with digital certificates? Are directories being used for authentication or authorization? Who issues digital certificates? How many digital certificates will individuals have? What are the three major phases for your campus to get ready for these technologies? What are some of the first applications for digital certificates on campuses?
Listen in to learn what's new and plan now to send in your questions to expert@cren.net and join Jeff, Howard, and Judith on Thursday, April 13 as they explore the directions and options for authenticating and verifying identity online!
Guest Expert
Jeffrey I. Schiller is the network manager
at the Massachusetts Institute
of Technology and has managed the MIT campus computer network
since its inception in 1984. He is the author of MIT's Kerberos Authentication
System. Schiller is the Internet Engineering Steering Group's
(IESG) Area
Director for Security. The IESG is a steering group of the Internet Engineering
Task Force (IETF). His recent efforts have resulted in the first
US legal version of the popular PGP encryption program being released
by MIT. Schiller is a founding member of the Internet Privacy Coalition.
Co-Hosts
Howard Strauss, Manager of Academic Applications at Princeton
University, is TechTalk's Technology Anchor.
Co-Host Judith Boettcher is CREN's Executive Director.
Together, Howard and Judith will ask the really tough questions—and
relay the questions you email to them at expert@cren.net.
Background & Resources
We're building this event's resource list right now and we'd welcome your contribution.
Jeff is sharing with us MIT's Student Information System, MIT WebSIS. Oliver's Guide to Coping With Certificates covers most common problems MIT users encounter with MIT web certificates.
- Learn more about CREN's Certificate Authority Service. CREN also has a listing of
Certificate Authority Resources that is helpful. What does a digital certificate
look like? Here's
a Digital certificate which contains CREN's public key!
Two very good starting places: Here's FedWorld.gov on Federal Public Key Infrastructure and from the Government Information Technology Services, here's GITS Security, which provides a number of downloadable resources and links to related information.
One of the first places to look is always in the archives of CREN's previous Tech Talks. Not only are the audio interviews available for replay and the collections of useful URLs stored, but the interviews have been transcribed and issues indexed for your convenience.
- Jeff last visited us in October of 1998 in a session entitled, Certificate Authority Services.
- Also related, and more recently, Ken Klingenstein and Keith Hazelton were with us on the topic, Building Directories: the Fundamentals and Frank Grewe and Mike LaHaye were interviewed on Directories on Campus: Getting Started
- Here are a couple of pertinent and recent Chronicle of
Higher Education articles: Do
'Digital Certificates' Hold the Key to Colleges' On-Line Activities?
and At
the U. of Pittsburgh, Digital Certificates Begin Replacing
Passwords. (You may need a Chronicle password to
access the latter article.)
You can see from this example how Pitt is implementing certificates and explaining them to users.
Help with terminology? Here are some definitions from MACE: Middleware Architecture Committee for Education (of Internet2): identifiers, authentication, directories, authorization, and certificates and PKI.
Ever wonder about the legalities and policies regarding the use of certificate authorities? Here's The Role Of Certification Authorities In Consumer Transactions which is the draft report of the ILFP Working Group On Certification Authority Practices. A more recent essay on policy issues surrounding this is Security vs. Anonymity: The Debate over User Authentication and Information Access by Virginia Rezmierski and Aline Soules in Educause Review. (You'll need a Chronicle password in order to view the latter.)
