International Grid CA Interworking, Peer Review and Policy Management Through the European DataGrid Certification Authority Coordination Group
Abstract
The Certification Authority Coordination Group in the European DataGrid project has created a large-scale Public Key Infrastructure and the policies and procedures to operate it successfully. The infrastructure demonstrates interoperability of multiple certification authorities (CAs) in a novel system of peer-assessment of the roots of trust. Crucial to the assessment is the definition of minimum requirements that all CAs must meet in order to be accepted. The evaluation is aided by software-generated trust matrices. Related work building on this infrastructure is described. The group’s policies and experience now form the basis of the new European Policy Management Authority for Grid Authentication in e-Science.