Subject Re: Self Signed Certs
From Thomas Lenggenhager <lenggenhager@xxxxxxxxx>
Date Mon, 10 Aug 2009 14:58:37 +0200

Since we support embedded certificates, either self-signed or also the certificate the SP uses for the web server (as long it meets some requirements), the problems we had with certs decreased quite a bit.

We require a re-keying every three years. The Resource Registry (our metadata management tool) tracks that and alerts the administrators early enough to generate a new key.


John Krienke wrote:
Hello fellow federation operators,

InCommon is getting ready to support self-signed certificates in a few short weeks to help with, among other things, inter-federation. We're curious to know if other federations are supporting self-signed certificates already and if so, what you might have found along the way from a technical or communication/education perspective regarding both universities and commercial participants.


Serving Swiss Universities
Thomas Lenggenhager
P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 1505  direct +41 44 268 1541