Versions Compared

Old Version 13

changes.mady.by.user Davide Vaghetti

Saved on

compared with

New Version 14

changes.mady.by.user Nicole Harris

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

HTML
<iframe width="560" height="315" src="https://www.youtube.com/embed/59csB3jiOeQ" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>

PlayBook

Key data

Key typeKey SubjectKey Duration

RSA 4096bit 

O=GEANT, CN=eduGAIN RSA Signer CA 2022

20 Years

ECC 384bits

O=GEANT, CN=eduGAIN ECC Signer CA 202220 Years

Key generation

  1. Prepare key storage computer for use.
  2. Connect and verify RNG.
  3. Use the RNG to create and set a static password in the two yubikeys. 
  4. Generate RSA 4096 bits and ECC 384 bits keypairs , encrypt using yubikey in static mode.
  5. Decrypt RSA private key using yubikey in static mode, temporarily stored in /dev/shm.
  6. Issue self-signed certificate using keypair.
  7. Copy the keys to two USB sticks.
  8. Generate sha1 and sha256 fingerprint of certificate.
  9. Copy the RSA certificate to a USB stick and send it to the eduGAIN OT.  
  10. Shutdown key storage computer.

...

Supporting Evidence

Image Added