EGI CSIRT Operational Procedure for Compromised Certificates and Central Security Emergency suspension

Permalink:

https://documents.egi.eu/document/1018

Document #:

EGI-doc-1018-v15

Document type:

Submitted by:

Linda Cornwall

Updated by:

Linda Cornwall

Document Created:

22 Feb 2012, 12:31

Contents Revised:

24 Sep 2013, 17:45

Metadata Revised:

25 Feb 2014, 15:07

Abstract:

This procedure describes what should be done by the EGI CSIRT in the event of a compromised identity certificate, including long lived certificates and proxies. This applies to robot certificates and service certificates as well as user certificates. This also includes what is done when certificates are linked to security incidents. This procedure also addresses usage of Central Security Emergency suspension. The implications of a CA compromise are also briefly described.

Files in Document:

• EGI-CompromisedCertificate-version-for-approval.docx (181.3 kB)
• EGI-CompromisedCertificate-version-for-approval.pdf (1.1 MB)

Topics:

• Activities:Security

Authors:

• Linda Cornwall

Keywords:

Security Compromised Certificate emergency suspension

Notes and Changes:

Removing earlier versions -renaming to 'version for approval' - so people don't get confused.