...
- VMs
- Service Monitoring
- Backup/restore/archiving - data retention (ties into GDPR)
- Source code repositories (non-public and public)
- PKI:
- Strategy
- certbot
- tcs
- edpki ca
- let'sRadsec <= very eduroam specific? i.e. s
- cab forum (related, maybe come down to lobby work?)
- Certificate transparency
- Security Operations Centre (SOC)
- FLS (service desk)
WHAT
...
PKI:
- Develop a PKI strategy for GN4 that will somehow put the PKI related GN services (such as TCS, eduPKI (knowledge center & CA), let'sRadSec, certbot, Certificate Transparency efforts and potential lobbying work at fora and organisation) into perspective. Shaping the services.
- Develop and enhance tools and services (like certbot, let'sRadSec, TCS and eduPKI CA) to ease and broaden the use of PKI within the GN world.
- Providing independent services to strengthen the trust into public web-PKI and NREN / GN internal PKI by making the used PKI more transparent.
- Providing certificate services that are based on GN/NREN requirements but independent from PKI developments outside of control GN and NRENs → "internal PKI"
- Lobbying for GN/NREN specifics as an interested 3rd party at CA/Browser Forum
HOW/WHEN
tbd
Post-Its:
AAI Pilots also need PROD stuff like securing, monitoring, policy
...