Access & Identity Management

Subscribe to this community

  • Advisory: CA Certificate Validation on A...

    Applicable to:Android 11 QPR1 and beyond.IntroductionAs part of ensuring the Android operating system complies with WPA3 standards (see https://www.wi-fi.org/discover-wi-fi/security, and WPA3 Specification v2.0 Section 5), Android will...

    QuoVadis Intermediate Certificate Issue

    15/01/2020:HelloIt has been brought to our attention that many certificates issued via the old version of the Jisc Certificate Service (provided by Digicert/QuoVadis) are, as of last night, showing browser errors due to revocation of t...

  • QuoVadis Intermediate Revoke Update

    On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis ...

    TLS 1.2 and updated RADIUS requirements

    TL;DR - TLS 1.2 negotiation in forthcoming OS rele...

    The Jisc Certificate Service is changing...

    The next generation of our Certificate Service is now live and ready to be used.The new service has a new subscription model based on a small number of usage classes - giving a small number of certificates for free on one end of the scale and culminating in an of an offering unlimited number of certificates for a fixed price. The pricing has been set to ensure the average organ...

  • EV TLS/SSL Certificates Issue

    An issue regarding the use of the OCSP Signing EKU in issuing CAs is affecting hundreds of CAs in the industry including QuoVadis (see more at https://www.digicert.com/blog/working-with-delegated-ocsp-responders-and-eku-chaining/).We will communicate with each institution separately and provide a list of the affected certificates shortly with instruction on replacements that wi...

    GDPR: What's your justification?

    [Updated Oct.19 to add EDPB on Necessary for Contract and ICO on Consent][Updated Sep.18 to repair links broken by the demise of the Article 29 WP website][Updated Oct.17 to include an example where multiple justifications are appropriate]One of the key steps in preparing for the General Data Protection Regulation is to know why you are processing each set of personal data, and...

  • Improving reliability of Microsoft NPS a...

    I've spent a fair bit of time over the past month trying to improve the reliability of...

    Advisory: Implications of MAC address ra...

    IntroductionWith the introduction of iOS 14 and An...

    eduroam(UK) Microsoft NPS Configuration ...

    This guide describes the setup of the Microsoft Network Policy Server for use with eduroam...

    Advisory: EAP server certificate conside...

    eduroam(UK) Advisory: EAP server certificate consi...

  • What's the data protection difference be...

    [UPDATE] a slightly revised version of this post formed our response to the ICO consultati...

    IP Addresses, Privacy and the GDPR

    It's well-known that the General Data Protecti...

    SSL Certificate Validity Will Be Limited...

    You may have read recently articles regarding Apple reducing the maximum allowed lifetime of TLS server certificates, Apple has released its official Knowledge Base article on this subject which can be found here.What does this mean for users?For your websites to be trusted by Safari, you will no longer be able to use publicly trusted TLS certificates with validity periods long...

  • Free Text and Data Protection

    Collections of free text – whether in database fields, documents or email archives &...

    FreeRADIUS Best Current Practice Configu...

    Author - Dr Alan Buxey 27/2/2012This document is n...

    GDPR: Backups, Archives and the Right to...

    I was recently asked how the GDPR's Right to Erasure would affect backups and archives. However that right, created by Article 17 of the GDPR, only arises when a data controller no longer has a legal basis for processing personal data. Provided an organisation is implementing an appropriate backup and archiving strategy, that shouldn't happen.The key point is that backu...

  • Remote Proctoring and Invigilation

    [with thanks to a former university Head of Examinations for input and discussion]Recent years, and weeks, have seen a move away from the traditional examination context, where candidates gather in large halls to write on paper, to candidates being assessed using computers, in small groups or individual work spaces. In this change, the role of the invigilator (also known as &qu...

    GDPR: Alumni processes

    Most universities maintain databases of alumni, for purposes including keeping them informed about the organisation, offering services and seeking donations. These activities have a lot in common with other charities, so the Information Commissioner's guidance is relevant. Indeed the Information Commissioner's recent description of using consent-based relationships &quo...

  • OU Field Update

    Please see further update from QuoVadis on the OU field Issue:Retiring the OU field for public TLS/SSL QuoVadis will turn off the Organizational Unit (OU) field for all new public TLS/SSL certificates starting on August 31, 2020 a...

    GDPR: Attendance Monitoring

    A question recently arose about monitoring students' attendance at lectures and tutorials, and how this fitted into data protection law. Since the main purpose of such monitoring seems to be to identify and assist students who don&...

  • Travelling with encrypted devices

    Most portable devices – laptops, smartphones and memory sticks – should be encrypted so that the information they contain is protected if the device is lost or stolen. Many countries (including the UK) give their immigratio...

    eduroam(UK) Technical Specification v1.4

    The full MS Word version of the Technical Specification can be downloaded from icon above.The document can also be found in the Technical Reference Documents section of the eduroam area in Community Library.Appendix 1 - Summary of...

  • FAQ for change to domain validation proc...

    WE ENCOURAGE CUSTOMERS TO VALIDATE DOMAINS IN ADVANCE TO AVOID POSSIBLE LENGTHY DELAYS IN ...

    AI and Ethics: GDPR and beyond

    The EU High-Level Expert Group's (HLEG) draft ...

    Federated Authentication and the GDPR Pr...

    The General Data Protection Regulation's Article 4(1) establishes six principles for any processing of personal data. It's interesting to compare how federated authentication – where a student authenticates to their university/college, which then provides relevant assurances to the website they want to access – performs against those principles when compared...

  • GDPR: Recording Phone Calls

    Most of us are familiar with the recorded messages at the start of phone calls that warn &...

    NAPTR Record Creation Using Microsoft Wi...

    This document describes how to create NAPTR record...

    Underscore characters in dnsNames for SS...

    The use of underscore characters in dnsNames is not allowed in Internet standards but has historically been treated as a gray area when used in the SAN field of TLS/SSL certificates.  Most CAs are disallowing this issuance following discussion in the CA/Browser Forum.We have  previously issued browser-trusted TLS/SSL certificates that include dnsNames with underscore ...

  • Certificate types

    The following certificates can be obtained through the Jisc Certificate Service's web app, found in the App Centre here:The service provides Extended Validation (EV) server certificates S/MIME end user for digitally signing emails for high, both of which offer users the highest possible assurance. Business/Organisation Validated (OV) and Wildcard (of OV type) certificates a...

Subscribe to Access & Identity Management

Latest activity

Steve Bennett commented on QuoVadis Intermediate Revoke Update.
Hi Rhys! I'm aware that the current issue doesn't affect EV certs, but the DigiCert/QuoVadis response makes reference to this being an "o...

On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis Global SSL ICA G2” and “QuoVadis Global SSL ICA G3” intermediate certificates...

18 hours 21 min ago
The QuoVadis Intermediate Revoke Update has been updated.

On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis Global SSL ICA G2” and “QuoVadis Global SSL ICA G3” intermediate certificates...

18 hours 54 min ago
The QuoVadis Intermediate Revoke Update has been updated.

On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis Global SSL ICA G2” and “QuoVadis Global SSL ICA G3” intermediate certificates...

18 hours 57 min ago
Rhys Smith commented on QuoVadis Intermediate Revoke Update.
Hi Steve - Digicert started issuing end entity certificates with the new intermediate as they say, however, only for those directly downloading u...

On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis Global SSL ICA G2” and “QuoVadis Global SSL ICA G3” intermediate certificates...

18 hours 58 min ago

On Jan 14th, at 19:34:34 2021 GMT, Digicert revoked a version of the “QuoVadis Global SSL ICA G2” and “QuoVadis Global SSL ICA G3” intermediate certificates...

20 hours 37 min ago

15/01/2020:

Hello

It has been brought to...

3 days 21 hours ago

Applicable to:

Android 11 QPR1 and beyond.

Introduction

As part of ensuring the Android operating...

1 month 2 days ago
The Jisc Assent has been updated.

The Community group for the Jisc Assent Service launched on 25 March 2015

Jisc, as the service operator, will post things on here relevant to the service but...

1 month 3 weeks ago

The next generation of our Certificate Service is now live and ready to be used.

The new service has a new subscription model based on a small number of usage...

2 months 6 days ago

Applicable to:

Android 11 QPR1 and beyond.

Introduction

As part of ensuring the Android operating...

2 months 1 week ago

New videos

3 years 3 months ago
  • Like
    0Likes
  • Unlike
    0Likes
3 years 3 months ago
  • Like
    0Likes
  • Unlike
    0Likes
7 years 8 months ago
  • Like
    5Likes
  • Unlike
    5Likes

New ideas

There have not been any ideas added to this community recently. Do you have a great idea to share?

Recently updated groups

7 hours 17 min ago
Anonymous
18 hours 54 min ago
1 week 3 days ago
Anonymous

Recently updated blogs

5 days 5 hours ago
Anonymous
1 month 3 weeks ago
Anonymous

Who's online

Nobody is online right now.