4.2.4 Credential Issuance and Management
info coming soon
Action item (identify section and sub-section)
Who (Univ. unit)
Type (documentation, infrastructure, procedure, Token Administration System)
Effort (Major, moderate, minor, complete)
18.104.22.168 Credential revocation or expiration – item #1 specifies the IdPO shall revoke Credentials or Tokens within 72 hours of being notified that a credential is invalid or compromised. We must document this in CPS and publish/enforce procedures.
SIES for draft language, PMA for approval
22.214.171.124 Credential issuance records retention – IdPO shall retain records of credential issuance and revocation for minimum of 180 days beyond expiration of the credential. VT User CPS states VTCA retains audit logs for 1 year.
documentation, Infrastructure, TAS
Evidence of Compliance:
4.2.5 Authentication Process