29 November 2023 InCommon Redesigning the InCommon Certificate Service Subscribe for more like this Share Estimated reading time: 3 minutes By Lisa Doherty, Chair, InCommon Certificate Service Redesign Group The InCommon Certificate Service has been very successful, and it has seen a lot of growth over the last ten years since the agreement between InCommon and Sectigo was first signed with over 650 institutions subscribed to the InCommon Certificate Service. InCommon has begun conversations with Sectigo about updating the current agreement, and we are seeing increased interest in advanced features the service could offer, including creating additional InCommon Certificate Service tiers to allow for better alignment with institutional need. The InCommon Certificate Redesign Group serves as an advisory group to inform the direction of the updated service agreement between InCommon and Sectigo. Lisa Doherty Surveying Subscribers about Service Offerings, Current and Future In September, the InCommon Certificate Redesign group sent out a needs survey to the InCommon Community’s RAOs and DRAOs to measure satisfaction and usage across the current service offerings. We also gauged the need and interest in potential new service offerings. Here’s what we learned from 463 respondents. The responses indicate current usage of the InCommon Certificate Service includes: 91% for website signing/encryption 38% for code signing 29% for email signing/encryption In addition, 18% indicated they use custom integrations with the Sectigo Certificate Manager API. Responses to proposed areas for new service offering include: 59% support for cloud integration and application build processes, particularly on AWS and Azure. 51% authenticating to eduroam, and 49% VPN access, both of which indicate strong need for private CA management. 51% noted a need for automation/deployment, particularly Ansible, and 30% for other integrations such as Azure Key Vault, F5 big IP, and Palo Alto Networks The overwhelming majority of respondents indicated overall satisfaction with the InCommon Certificate Service offerings and support response times from InCommon and Sectigo. There was also clear support for additional offerings, including integration with automation and devops tools,and private CA management. Next Steps The survey data will be used to inform the direction of the updated agreement between InCommon and Sectigo over the next few months. Conversations will focus on incorporating features that align with current technologies as well as expanding the service to offer basic and premium tiers. Lisa Doherty is manager, Academic Computing and Datacenter Computing, at Northern Arizona University. ICYMI InCommon Certificate Service to Highlight Ways to Automate Deployment and Renewal of Certificates InCommon Certificate Service Prepares Subscribers for Upcoming Changes to Client Certificates InCommon Certificate Service Forms Advisory Group to Help Shape Future Offerings