A pilot involving several InCommon Certificate Service subscribers continues, testing the use of single sign-on (SSO) and multifactor authentication (MFA) to log in to the Comodo Certificate Manager. This is a feature that has long been requested and was one of the top most-desired items on the survey conducted last year.

Rather than use credentials provided by Comodo, those who administer certificates on campus (both RAOs, or Registration Authority Officers as well as DRAOs, or Departmental Registration Authority Officers) will use their InCommon federated credentials for single sign-on. In addition, RAOs will leverage their local multifactor authentication process to secure their logins. The benefits of this approach include:

This security enhancement will leverage the REFEDS Multi-Factor Authentication Profile that allows service providers to signal the need for, and Identity providers to signal the use of, multifactor authentication. The profile is maintained by the international Research and Education Federations (REFEDS) organization comprised of more than 40 national federations (including InCommon).