Signing Policy for the LBNL Science Grid CA
The purpose of the LBNL Science Grid CA is to issue identity
certificates for users of the Grid and servers and hosts that are
providing services to the Grid. The LBNL Science Grid is a research
node of the DOE Science Grid. As such we will
issue identity certificates to anyone who is trying to use the LBNL Science
Grid or any LBNL affiliated persons who are using other nodes of the
DOE Grid. We accept certificate requests submitted through the enrollment
forms found at
https://idcg-ca.lbl.gov. We
currently issue certificates with the organizational fields
O=Grid,O=Lawrence Berkeley National Laboratory and allow the
user to choose an OU from the following departments at LBL:
Distributed Systems, High Performance Distributed Research, NERSC and
ESnet. If you are not employed by LBL as staff, student or visiting
researcher, you should choose the group Guests. If you are a member of
some other Department at the Lab, contact us and we will add it to
the list of options.
The common name should be the "First MI Last" name of the
requestor. Server certificates should have the same two O
values. The OU values are optional; the machine name should be
the fully qualified domain name of the machine, optionally preceded by
the word host/.
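
The naming rules above can be checked mechanically before a request reaches a CA administrator. The following is an added example, not code from the LBNL CA or Globus: the function names are hypothetical, subjects are assumed to be written in the comma-separated form used above with no commas inside values, "Guests" is assumed to be an OU value, and the middle initial is assumed to be a single letter.

```python
import re

# Values taken from the policy text; treating "Guests" as an OU is an assumption.
REQUIRED_O = ["Grid", "Lawrence Berkeley National Laboratory"]
ALLOWED_OU = {"Distributed Systems", "High Performance Distributed Research",
              "NERSC", "ESnet", "Guests"}
# Assumed reading of "First MI Last": one-letter middle initial, optional period.
PERSON_CN = re.compile(r"[A-Z][A-Za-z'-]+ [A-Z]\.? [A-Z][A-Za-z'-]+")
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
# Fully qualified means at least two dot-separated labels; "host/" is optional.
SERVER_CN = re.compile(rf"(?:host/)?{LABEL}(?:\.{LABEL})+")


def parse_dn(dn):
    """Split 'K=V,K=V' into (key, value) pairs; assumes no commas in values."""
    pairs = []
    for rdn in dn.split(","):
        key, sep, value = rdn.partition("=")
        if not sep or not key.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((key.strip().upper(), value.strip()))
    return pairs


def check_subject(dn, kind):
    """Return the list of policy violations for a 'user' or 'server' subject."""
    if kind not in ("user", "server"):
        raise ValueError("kind must be 'user' or 'server'")
    fields = {}
    for key, value in parse_dn(dn):
        fields.setdefault(key, []).append(value)
    problems = []
    if fields.get("O", []) != REQUIRED_O:
        problems.append("O fields must be Grid, Lawrence Berkeley National Laboratory")
    ous = fields.get("OU", [])
    if kind == "user" and len(ous) != 1:
        problems.append("user subject needs exactly one OU")
    # Assumption: an OU supplied on a server request is held to the same list.
    problems += [f"OU not in policy list: {ou}" for ou in ous if ou not in ALLOWED_OU]
    cns = fields.get("CN", [])
    pattern = PERSON_CN if kind == "user" else SERVER_CN
    if len(cns) != 1 or not pattern.fullmatch(cns[0]):
        problems.append(f"CN does not match {kind} naming rule")
    return problems


if __name__ == "__main__":
    # Constructed sample subject, not a real request.
    print(check_subject("O=Grid,O=Lawrence Berkeley National Laboratory,CN=node1", "server"))
```

A check like this only covers the form of the subject; the identity and responsibility checks in the policy remain a manual decision.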
Certificates are issued by one of a group of three people listed in the
mail alias gridCAAdmin@george.lbl.gov. The policy for issuing a
certificate is that one of these individuals knows who the requestor
is, knows that he is involved in Grid research, and knows that the
OU that has been selected is correct for the requestor. In the
case of server certificates, the same rules apply with the additional
knowledge that the requestor is responsible for the services and
machines for which the certificate has been requested.
If you request a certificate from the gridCAAdmin group and do not get
a satisfactory reply, you can take your case to the broader Grid
Administration mailing list grid-admin@george.lbl.gov.
These conditions are subject to change without notice and have not been
vetted by the legal staff. Therefore, at this time they should be read as a
statement of intent only.
In order to interoperate with the LBL DOE Science Grid, you will need to modify the ca-signing-policy.conf file that is usually found in GLOBUS_INSTALL_PATH/etc/certifcates/ca-signing-policy.conf. You can find a copy of the DOE SG ca-signing-policy.conf file here. You will also need to install the LBL DOE Science Grid CA certificates, 6349a761.0 and f7d75486.0.