2016-bidding/Online CA

From EGIWiki
Jump to: navigation, search



The Online CA will generate X.509 certificates upon user request making available through the delegation service long-lived X.509 proxies.

The Online CA is a critical component to enable access to the EGI infrastructure to a wider range of users. The operation of this activity must be executed in tight collaboration with the CheckIn Activity.

Given the importance of the activity the proposals should include information about an availability and continuity plan for the service.

Technical description

The components that are part of this core activity are:

Policy requirements:


Operations of the delegation service and the online CA in high availability and in compliance with the IGTF and EGI security policies.


The Online CA activity will have to coordinate with the following stakeholders:

Ideally the OnlineCA can be a service provided to multiple e-infrastructure and be unique in Europe, but such deployment will require that the Online CA is contributed by multiple e-infrastructures, e.g. other e-infrastructures in Europe may deploy the same service to be used as redundant instances of the same CA.

In case the OnlineCA contributes to an multi-e-infrastructure OnlineCA service, this may require an additional level of coordination with other entities contributing to the OnlineCA service:


Support will be provided through GGUS.

Examples of requested support:


Service targets

Service must be provided with an availability and reliability of 95%. Support level through the helpdesk support unit: Medium


Bids planning a effort of 6 Person Months/year would allow these services and activities to be addressed appropriately.


More information about the Online CA service are available at http://rcauth.eu/

Personal tools