In response to the COVID-19 crisis and the government’s requirement that we work from home whenever possible, the UK eScience CA has taken two measures to adapt to remote working.
- We have taken measures to ensure that signing can continue even though operators are working from home.
- As face to face authentication for identity verification for new
personal certificates is currently not possible, we have implemented
a procedure for RA Operators which will involve:
- checking photo id (preferably organisational id) over a video link, supplemented by
- the requester logging into a service in the UK Access Management Federation with their organisational identity and displaying this process and its (successful) results to the operator, and
- that the requester has submitted the request with their home organisation email address.
Almost everything else will continue as before with no changes.
Through careful implementation of these processes, we can ensure that the level of assurance provided by the UK eScience CA is not lowered, and we remain compliant with the IGTF requirements for a Classic CA (“CEDAR”).
As our user communities are keen to support COVID-19 research, we have decided to implement these changes urgently, as opposed to allowing for the two week period for the international community to respond. The first change took effect 16 March 2020, and the second will take effect Monday 6 April 2020.
We now issue SHA2 certificates!
Who can have a Certificate?
Any academic, researcher, student or member of the e-Science community based in the UK.
Why you need a Certificate
A certificate from the UK CA can be used to authenticate you so that you can securely access Grid, Data and Compute resources worldwide. Our certificates are internationally trusted by the Interoperable Global Trust Federation (IGTF).
Who can apply for a certificate?
You can apply for a certificate if you have not previously owned a certificate, or if your certificate has expired or has been revoked. If your certificate is going to expire and you would like to renew it before this time, you should apply in the last month before its expiry date.
How long is my certificate valid for?
All certificates currently being issued will expire after one year.
The Basic Process:
- You request a certificate from this site.
- Meet with your nearest/university Registration Authority (RA) representative and show your photo ID.
- The RA checks the PIN that you entered when requesting your certificate.
- Then the RA checks that you are part of a recognised organisation.
- If all criteria are validated then the RA will approve the request.
- The CA operator will review the approval and sign it.
- You will be informed that your certificate is ready via email which will contain the serial number and instructions to get your certificate.