[AG-TECH] room certificate policy

Andrew Daviel andrew at andrew.triumf.ca
Wed Sep 8 20:36:27 CDT 2004 

(I found some discussion in the archives about a year ago, at least before
the subject thread forked ...)

We had a generic cert for our room system which expired. As per policy
stated by Ivan in the thread circa 11 Sep 2003, this can't be renewed.

- I mailed both the sending address on the wizard reply
(root at fl-caserver.mcs.anl.gov), and the "help" address in the 2.2 wizard
(agdev-ca at mcs.anl.gov) with no reply. Either everyone's on vacation, the
forwarding's broken, or they think my comments are best ignored. It's
frustrating...

- re. cert policy:
For my personal workstation I get a personal cert, and I'm me, so no
problem.

For our room system, we'd used a generic cert and tell everyone the
password. If they can get the physical key to the room (and the electronic
key to our secured area where the room is) that's good enough. We tend to
run most conferencing (VRVS, H.323, etc.) without an operator and let
people that know what they are doing go ahead and do it.

Now (well, since a year ago, perhaps just after I got the cert) it seems
that we're supposed to have identifiable certs for the system.

- the venue client (2.1, anyway, and I don't think 2.2's much better)
doesn't easily switch over between identities. I had to kill the client
and hence the media before it would accept a new default cert and restart.
So it's not particularly easy to have one operator go off-shift and
another come on in the middle of a conference.

- if the cert is stored in a proxy, and the person who it belongs to is no
longer around for some reason, it's not really "their" session anymore.

- I don't particularly want to put my name against a conference where
there are a lot of different people speaking, and I'm not present - and
hence can't control what they say, what material they present or upload to
the server, etc.
(I don't suppose anyone takes this particularly seriously, but if not,
what's the point of using identity certs in the first place?)

If I have to have a personal cert for a room, and can't make up a generic
name, then I want some way to differentiate it from a "real" identity
cert used for my PiG etc.

I have an idea that the anonymous cert in 2.2 might be supposed to address
these issues (?), but not all servers accept them (2.1 for instance)

-- 
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376
security at triumf.ca

More information about the ag-tech mailing list