This document provides a breakdown of the work items in the “Gap Analysis” section of the community survey from the InCommon Certificate Service Review Working Group. Primarily, only those items receiving ‘high’ or ‘medium’ priority are listed, though there is a table that outlines those items with ‘low’ priority that are either done or are being pursued. The work items are categorized below by responsible party. |
The full report of the subscriber survey from the Certificate Service Review Work Group can be found here:
(the gap analysis begins on pg 7)
Item | Status | Target |
DCV documentation | Not yet started. Possible webinar topic/doc? | 2017, Q4 |
EV documentation | Have started with new EV process at: https://spaces.at.internet2.edu/x/YAxhBg Possible webinar topic/doc? | 2017, Q3 |
InCommon Cert API | Currently awaiting prioritization/scheduling within TIER | TBD |
Item | Status | Target |
FAQ doc RE: how to get support | waiting on potential I2 KB system | 2018, Q4 |
Item | Status | Target |
ACME Support | Comodo doesn’t support ACME at this time (business decision). | no longer in scope |
SmartCard Certificates | DONE | 2016 |
Improve support function for EV process | DONE | 2017, Q3 |
Dedicated queue for InCommon | DONE (new ccmvalidation@comodo.com, in addition to existing ccmsupport@comodo.com), need to publicize | Q4 2017 |
Allow wildcard in CN with SANs (some software needs to see a wildcard in the CN of a wildcard cert, not as a SAN) | Comodo will document their known workaround for EZProxy, but is still investigating the feasibility of adding this feature. | TBD |
Bulk certificate management (both API and CCM) | Comodo is discussing only bulk DCV at this time. No other bulk certificate management capabilities are being discussed or planned for either CCM or the API. | no longer in scope |
Sync DCV expirations per-org | Comodo has determined that this is not feasible at this time. | no longer in scope |
Item | Status | Target |
Improve custom notifications (addl. fields, events, documentation) | Verified that this was mis-labeled. It was flagged by the community survey review group as a 'nice to have' and never received additional detail. | insufficient clarity to proceed - no longer in scope. |
Improve authentication options for API (passwordless) | DONE, documentation has been updated, need to publicize | Q3, 2017 |
Additional API fields/functions:
| Will not be fixed; workarounds provided. Workaround for 'external requester' is to call "updateRequesterExt" after the initial request by injecting the external requestor(s). Workaround for omitting optional components is to create a separate DRAO with the exact field requirements desired. | DONE/Not-In-Scope |
CM/CA Status Page | DONE | 2017 |
Release Roadmap | DONE, see here | Q3, 2017 |
Item | Status | Target |
Single Initial POC for support | Not currently feasible | |
CCM Training | in development | 2017, Q4 |
Support webinars | Need to identify topics - ideas:
| ongoing |
Item | Status | Target |
Stronger SLA | DONE | 2016 |
SSO | In testing | 2017, Q4 |
MFA | In testing | 2017, Q4 |
Support KB, tailored for InCommon issues | Awaiting KB at Internet2, can discuss whether or not Comodo can provide this. This should be moved to the 2018 Work Plan. | 2018, Q4 |
Item | Status |
Local CA options | Out of Scope. InCommon not offering service due to lack of demand. |
AD Integration | Basic functionality DONE |
Better integration of vulnerability scanner | DONE |