VT Federated Identity Providers Assessment Task 1:Switzerland

From EGIWiki
Jump to: navigation, search
  • Are personal e-Science certificates available through the Terena Certificate Service in your country?

No, the national AAI (SWITCHaai) is currently not connected to the TCS service.

    • If yes, contact the NREN/institute/company that provides TCS in your country and check that the information about the available certificate types is up to date on the on the Terena webpage. If the information is in the list is incorrect, what needs to be fixed?
    • If no, are there any plans to introduce the service (including timelines, obstacles identified, etc.)?

There are no concrete plans at the moment.

  • In order to obtain a personal e-Science certificate from TCS, a user has to be affiliated with an institute that is part of the national identity federation and that has established an appropriate Subscriber Agreement. Please collect information about the institutes from which your NGI expects users (e.g. universities, research institutes) and indicate whether:
    • are those institutes members of your country's identity federation,

All of the Swiss institutions using EGI today participate in the Swiss identity federation (SWITCHaai). Private research institutions, who could become interested in EGI in the future, cannot currently join SWITCHaai. A process is underway with the goal of opening up SWITCHaai for participants outside of publicly funded higher education and research.

    • have those institutions signed the Subscriber Agreement with the NREN, i.e. whether they allow to issue TCS personal e-Science certificates to their members.

Not applicable yet. If TCS were to be made available in Switzerland, institutions would have to opt in twice: First, to the inter-federation (e.g. EduGain) that would allow their SWITCHaai identities to be used abroad; second, to the TCS personal e-Science certificate. Also, an institution's IDP would have to be configured to add "entitlements" to those users who should be entitled to use the TCS personal e-Science certificate service.

  • What is the process to get a personal e-Science certificate from TCS in your country?

None yet. Our users can get both long-lived and short-lived Grid certificates from us, using SWITCH's PKI and SLCS services.

  • What are the rules for an institution in your country to join the identity federation and TCS?
    • Is there any special fee that an institution pays for joining TCS and/or the identity federation?

Only partly applicable today. SWITCHaai participation is covered by the general SWITCH membership fee. In all likelihood, participation in TCS, if offered, would be charged for separately. The consequences for organizations are unclear, because the typical prospective TCS user already pays SWITCH for long-lived certificates today.

  • Does your NGI or NREN provide any service similar to the TCS? Please choose zero or more from the following and provide a brief description:

Couldn't find "following", but see above; we offer both long-lived and short-lived personal certificates for use with Grids.

  • Any comments you have to TCS utilization in your NGI

We have discussed this internally. TCS seems like an attractive long-term option. But we have working systems today, and unless and until our customers demand TCS support, we cannot easily justify the effort to set up TCS. This may be reevaluated in the future.