Child pages
  • Assurance Implementation Example - Virginia Tech

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Action item (identify section and sub-section)

Who (Univ. unit)

Type (documentation, infrastructure, procedure, Token Administration System)

Effort (Major, moderate, minor, complete) Credential revocation or expiration – item #1 specifies the IdPO shall revoke Credentials or Tokens within 72 hours of being notified that a credential is invalid or compromised. We must document this in CPS and publish/enforce procedures.

SIES for draft language, PMA for approval

Documentation, procedure

Resolution: CPS changed, administrators alerted. Credential issuance records retention – IdPO shall retain records of credential issuance and revocation for minimum of 180 days beyond expiration of the credential. VT User CPS states VTCA retains audit logs for 1 year.


documentation, Infrastructure, TAS

Resolution: CPS changed, Procedures advertised Retention requirement communicated.

Management Assertion

The authentication Credential is bound to the physical Subject and to the IdMS record pertaining to the Subject.