terena logo
17 April 2009
Comodo confirmed as new supplier of TERENA certificate services
Karel Vietsch and Licia Florio (TERENA Secretariat) with the received proposals

A contract between TERENA (Trans-European Research and Education Networking Association) and Comodo CA Ltd. was signed this week, confirming Comodo as the new supplier of the TERENA certificate services. This is the result of a call for proposals that TERENA issued in September 2008, to procure a managed Secure Sockets Layer (SSL) server certificate service in order to prolong the existing TERENA Server Certificate Service.

Eleven proposals were received in response to the call for proposals. A committee of volunteers from organisations participating in the Server Certificate Service, supported by TERENA Secretariat staff, evaluated the proposals, interviewed bidders, requested and studied additional information and formulated the final, unanimous recommendation to award the contract to Comodo CA Ltd. of Manchester, England, as theirs was the “economically most advantageous” proposal. This preference was announced by TERENA on 23 March 2009. After a legally prescribed waiting period, the contract was signed on 14-16 April 2009.

TERENA’s Server Certificate Service has been running since 2006, providing the European education and research community with SSL server certificates that are recognised by popular web browsers, mobile devices and other user applications. To users such as universities, schools and research institutes that are served by participating TERENA member organisations, the server certificate provision by Comodo will look very much like what they have become accustomed to.

No longer just a server certificate service

In addition to continuing a server certificate service, TERENA’s liaison with Comodo will allow further services to be offered to research and education institutions as part of a broader set of ‘TERENA certificate services’.

Email & client certificates will be provided that can be used, among other things, to secure email communication and for TLS (Transport Layer Security) client authentication, for example, to identify persons accessing websites. Code signing certificates will also be available. These are used to authenticate and sign software code for distribution over the Internet. Both email & client certificates and code signing certificates will be issued via the participating TERENA member organisations in much the same way as the server certificates.

Finally, Comodo also offers research and education institutions served by the participating TERENA member organisations the opportunity to buy EV (Extended Validation) certificates at a special price. EV certificates are issued after a more thorough vetting process than with other server certificates and can be used to secure online financial transactions.

Where will the services be available?

Some TERENA member organisations are still deciding whether to join the new TERENA certificate services. Currently, it is known that the new server certificate service will be offered by the national TERENA member organisations in Austria (ACOnet), Belgium (BELNET), Croatia (CARNet), the Czech Republic (CESNET), Denmark (UNI•C), France (RENATER), Greece (GRNET), Hungary (HUNGARNET), Ireland (HEAnet), Italy (GARR), Lithuania (LITNET), the Netherlands (SURFnet), Norway (UNINETT), Poland (PSNC), Portugal (FCCN), Slovenia (ARNES), Spain (RedIRIS) and Sweden (SUNET).

The email & client certificate service will be available in Austria, Belgium, the Czech Republic, France, Greece, Ireland, Lithuania, the Netherlands, Norway, Poland, Spain and Sweden.

The code signing certificate service will be offered in Austria, Belgium, the Netherlands, Norway, Poland, Spain and Sweden.

It is not yet known which TERENA member organisations will enable their user institutions to take advantage of the Comodo offer for purchasing EV certificates.

When will the new services start?

The start of the services awaits the completion of a number of technical tests and of the Certificate Practice Statement. Also, some administrative arrangements between TERENA and each of its participating member organisations must be completed. The new services may therefore start in different countries at different times, and it is possible that the new server certificate service will start slightly earlier than the email & client certificate service and the code signing certificate service. It is expected that the first certificates will be issued through the new TERENA certificate services in May 2009.

FURTHER INFORMATION

More information about the TERENA certificate services will be published on: http://www.terena.org/activities/tcs.

More about Comodo: http://www.comodo.com/.