Security
If you suspect a security incident, or if your account has been compromised, please contact the XSEDE Help Desk immediately to report a security incident.
For other security issues, contact security-lead@xsede.org
Current XSEDE Security Documents
- XSEDE Certificate Service (Get an SSL server cert)
- Incommon Federation: Participant Operational Practices
- XSEDE-approved CA certificates, signing policies, and CRL URLs [Download] [PGP signature(s) for download]
- XSEDE Security Working Group Charter
- XSEDE Security Playbook
- XSEDE Enterprise Services Baseline Security Standard
- XSEDE Science Gateway Security Policy & Guideline
- XSEDE Acceptable Use Policy
- XSEDE Privacy Policy
- XSEDE Resources SSH Keys
- XSEDE Level1 Service Provider Security Agreement
- XSEDE Security Working Group Service Provider (SP) Guide & FAQ
- XSEDE Information Security Training for XSEDE Researchers
Currently Accepted Certificate Authorities
| CA WEPAGE | CA CONTACT | XSEDE TRUSTED SUBJECT DN'S |
|---|---|---|
| AddTrust-External-CA-Root | tcs-pma@terena.org | "/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root" |
| CERN-GridCA | cern-ca-managers@cern.ch | "/DC=ch/DC=cern/CN=CERN Grid Certification Authority" |
| CERN-Root-2 | cern-ca-managers@cern.ch | "/C=ch/O=CERN/CN=CERN Root Certification Authority 2" |
| CILogon | ca@cilogon.org | "/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Basic CA 1" "/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Silver CA 1" |
| CILogon-OSG | goc@opensciencegrid.org | "/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1" |
| COMODO-RSA-CA | admin@incommon.org | "/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority" |
| DFN-GridGermany-Root | dfnpca@dfn-cert.de | "/C=DE/O=DFN-Verein/OU=DFN-PKI/CN=DFN-Verein PCA Grid - G01" |
| DigiCert | support@DigiCert.com | "/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid Root CA"" /C=US/O=DigiCert Grid/OU=www.digicert.com/CN=DigiCert Grid Trust CA"" /DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1"" /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA" |
| InCommon | help@xsede.org | "/C=US/O=Internet2/OU=InCommon/CN=InCommon IGTF Server CA"" /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority"" /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root" |
| INFN (Italy) | infn-ca@fi.infn.it | "/C=IT/O=INFN/CN=INFN CA" |
| KEK | Takashi.Sasaki@kek.jp | "/C=JP/O=KEK/OU=CRC/CN=KEK GRID Certificate Authority" |
| NCSA | ca-admin@ncsa.uiuc.edu | "/C=US/O=National Center for Supercomputing Applications/OU=Certificate Authorities/CN=MyProxy CA 2013"" /C=US/O=National Center for Supercomputing Applications/OU=Certificate Authorities/CN=Two Factor CA 2013" |
| NERSC | certs@nersc.gov | "/DC=net/DC=ES/OU=Certificate Authorities/CN=NERSC Online CA" |
| IRISGrid | pkirisgrid-ca@rediris.es | "/DC=es/DC=irisgrid/CN=IRISGridCA" |
| PSC | ca-admin@psc.edu | "/C=US/O=Pittsburgh Supercomputing Center/CN=PSC MyProxy CA" |
| UK e-Science | ca-manager@grid-support.ac.uk | "/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B""/C=UK/O=eScienceRoot/OU=Authority/CN=UK e-Science Root" |
Key Points
Report any suspected security incidents to the XSEDE Help Desk
Contact Information