You are here: TWiki > Operations Web>OSGPKIChangeMgmt (06 Dec 2016, KyleGross)

Change Management for OSG PKI

This document will describe the change management procedures which require changes to the DigiCert CA.


  1. Create a ticket to track the change being requested. Supply all details about the requester, the purpose, suggested timeline for deployment, and any other information pertinent to the change in the ticket.
  2. Contact Mine and security group for a security review, this review should focus on the security and community impact and need for the change.
  3. Upon receiving the security teams review and approval Ops will review the impact to the OSG PKI service. If it is deemed appropriate Operations will estimate the timeline for implementation and testing in the Trash/Trash/Integration Testbed (ITB). DigiCert will be contacted to make the appropriate changes to the DigiCert Grid Test CA.
  4. Upon successful completion of testing, one contact from security and one from Ops will draft a request for change to be sent to DigiCert?. This request will include proposed timeline for maintenance to implement the change at the OSG PKI and DigiCert. DigiCert will confirm the maintenance implementation and the proposed timeline.
  5. Security & Ops will provide the OK to proceed to OIM and DigiCert CA developers. Proper change announcements will be sent to the OSG community regarding testing and deployment.
  6. OSG Operations will implement new change to production.
  7. Security and Operations will test to make sure the change was successfully deployed.

Non-Change Correspondence

All changes will be tracked via the OSG Ticketing system at All direct email correspondence should be considered and noted in the subject as "Change Inquiry".

-- RobQ - 09 May 2014

Topic revision: r6 - 06 Dec 2016 - 18:12:56 - KyleGross
Hello, TWikiGuest


TWiki | Report Bugs | Privacy Policy

This site is powered by the TWiki collaboration platformCopyright by the contributing authors. All material on this collaboration platform is the property of the contributing authors..