Action item (identify section and sub-section)
Who (Univ. unit)
Type (documentation, infrastructure, procedure, Token Administration System)
Effort (Major, moderate, minor, complete)
22.214.171.124 Credential revocation or expiration – item #1 specifies that the IdPO shall revoke Credentials or Tokens within 72 hours of being notified that a credential is invalid or compromised. We must document this in the CPS and publish and enforce procedures.
SIES for draft language, PMA for approval
126.96.36.199 Credential issuance records retention – the IdPO shall retain records of credential issuance and revocation for a minimum of 180 days beyond expiration of the credential. The VT User CPS states that the VTCA retains audit logs for 1 year.
documentation, infrastructure, TAS
The authentication Credential is bound to the physical Subject and to the IdMS record pertaining to the Subject.