Session Abstract

Sites participating in the InCommon Certificate Program are able to obtain client (personal) certificates as well as SSL certs for their servers from InCommon. Empirically, however, we know that fewer sites choose to deploy client certificates than we might expect, in part because of the challenges of deploying and managing certs on a wide variety of different user devices, and because historically deployment has only been to a limited audience rather than the entire campus community. We suggest a new, conceptually simpler, deployment model, focusing on cert storage on hard tokens or smart cards and with universal deployment to all members of the campus community. This talk will explain that model, and provide a practical introduction to hardware tokens and smart cards.