Change Management for OSG PKI
This document will describe the change management procedures which require changes to the DigiCert CA.
- Create a ticket to track the change being requested. Supply all details about the requester, the purpose, suggested timeline for deployment, and any other information pertinent to the change in the ticket.
- Contact Mine and security group for a security review, this review should focus on the security and community impact and need for the change.
- Upon receiving the security teams review and approval Ops will review the impact to the OSG PKI service. If it is deemed appropriate Operations will estimate the timeline for implementation and testing in the Trash/Trash/Integration Testbed (ITB). DigiCert will be contacted to make the appropriate changes to the DigiCert Grid Test CA.
- Upon successful completion of testing, one contact from security and one from Ops will draft a request for change to be sent to DigiCert?. This request will include proposed timeline for maintenance to implement the change at the OSG PKI and DigiCert. DigiCert will confirm the maintenance implementation and the proposed timeline.
- Security & Ops will provide the OK to proceed to OIM and DigiCert CA developers. Proper change announcements will be sent to the OSG community regarding testing and deployment.
- OSG Operations will implement new change to production.
- Security and Operations will test to make sure the change was successfully deployed.
All changes will be tracked via the OSG Ticketing system at http://ticket.opensciencegrid.org
. All direct email correspondence should be considered and noted in the subject as "Change Inquiry".
- 09 May 2014
Topic revision: r6 - 06 Dec 2016 - 18:12:56 - KyleGross