eugridpma-announce

eugridpma-announce@nikhef.nl

166 discussions

Updated IGTF distribution 1.48 available
by David Groep 29 May '12

29 May '12

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.48 available ========================================================================= 1. Updated IGTF distribution version 1.48 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.48, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.47 to 1.48 ------------------------- (29 May 2012) * Extended life time of DFN GridGermany Root (1149214e) and CDPs (DE) Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 25 June 2012. ========================================================================= REPEATED NOTICES ========================================================================= Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.47
by David Groep 30 Apr '12

30 Apr '12

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.47 available ========================================================================= 1. Updated IGTF distribution version 1.47 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.47, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.46 to 1.47 ------------------------- (30 April 2012) * Updates CA URL metadata and CRL for pkIRISGrid CA (ES) * Added accredited classic MYIFAM CA (MY) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 4 June 2012. ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.46 withdrawing old CESNET CA
by David Groep 29 Mar '12

29 Mar '12

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Unused CESNET CA "9b59ecad" lost CRL generation capability 2. Updated IGTF distribution version 1.46 available ========================================================================= 1. Unused CESNET CA "9b59ecad" lost CRL generation capability ========================================================================= The obsolete CESNET cA with OpenSSL 0.x hashID "9b59ecad" has recently lost its capability to generate CRLs. Although this CA was no longer in active use and has no subscribers left, it was not yet withdrawn from the IGTF distribution. The last CRL has since expired, and in its current state the CA is no longer operative. It also has no capability left to generate a new CRL. There are no security risks associated with having an expired CRL, and leaving 1.45 in place does not expose you as a relying party to any additional risk. However, no longer having a valid CRL may generate monitoring warnings in several operational infrastructures. To mitigate this warnings, the IGTF releases 1.46, which formally obsoletes this CA. ========================================================================= 2. Updated IGTF distribution version 1.46 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.46, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.45 to 1.46 ------------------------- (29 March 2012) * Removed discontinued CESNET (9b59ecad) CA (CZ) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 30 April 2012. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.45 now available
by David Groep 27 Mar '12

27 Mar '12

From: David Groep <info(a)eugridpma.org> Date: Mon, 26 Mar 2012 12:00:00 +0200 Subject: Updated IGTF distribution 1.45 Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.45 available ========================================================================= 1. Updated IGTF distribution version 1.45 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.45, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.44 to 1.45 ------------------------- (26 March 2012) * Added accredited NCSA 2-factor SLCS CA (US) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 30 April 2012. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.44
by David Groep 30 Jan '12

30 Jan '12

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.44 available ========================================================================= 1. Updated IGTF distribution version 1.44 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.44, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.43 to 1.44 ------------------------- (30 January 2012) * Added accredited classic DigiCert CA chains (US) * Extended life time of UGRID root cert (UA) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 26 March 2012. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.43
by David Groep 28 Nov '11

28 Nov '11

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.43 available ========================================================================= 1. Updated IGTF distribution version 1.43 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.43, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.42 to 1.43 ------------------------- (28 November 2011) * Added new SWITCHslcs 2011 CA, replacing SWITCHslcs 2009 (CH) * Updated contact information for SWITCH CAs (CH) * Added new accredited classic JUnet CA (JO) * Added additional CRL URL for DOEGrids CA in certificate and meta data (US) * Added additional CRL URL for ESnet Root CA in meta data (US) * Updated institute information for KIT in signing_policy file (DE) * Updated enrollment URLs for Grid-FR CA (FR) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 30 January 2012. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution version 1.42 addresses UK eScience CA 2B issue
by David Groep 30 Sep '11

30 Sep '11

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.42 available ========================================================================= 1. Updated IGTF distribution version 1.42 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.42, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ *** note that the default format is now OpenSSL v1 compatible *** Changes from 1.41 to 1.42 ------------------------- (30 September 2011) * Corrected signing_policy file for UKeScience CA 2B (UK) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 28 November 2011. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.41 available
by David Groep 26 Sep '11

26 Sep '11

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.41 available ========================================================================= 1. Updated IGTF distribution version 1.41 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.41, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ *** note that the default format is now OpenSSL v1 compatible *** Changes from 1.40 to 1.41 ------------------------- (26 September 2011) * Added accredited PSC MyProxy SLCS CA (US) * Updated CRL URL for LIPCA (PT) * Extended life time of SlovakGrid CA root (SK) * Added accredited DZ-eScience CA (DZ) * Added accredited NICS SLCS MyProxy CA (US) * Added new UK eScience issuing CAs 2A and 2B to allowed namespaces and removed superfluous signing policy entries (UK) * Normalised the certificate files (.0) for selected CAs in the 'old' format distribution. This does not affect the 'new' OpenSSL v1+ compatible release. Affected CAs are CESNET, NIKHEF, NIIF, DFN-GridGermany-Root, PSC-Myproxy-CA, and NERSC-SLCS. Old and new format files are now identical. * The "worthless" area, containing some files that are distributed merely for convenience for selected specific purposes, has been re-named to "unaccredited". Files contained in this directory must be treated with utmost care, and their inclusion in the distribution does not constitute any form of endorsement by the IGTF of these files or their content. * Added unaccredited InCommon Server CA to convenience directory (US) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. The currently- estimated next release date of the distribution is 28 November 2011. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.40 (hotfix)
by David Groep 28 Jun '11

28 Jun '11

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.40 available The meta-data for the Uni-Andes CA of Colombia introduced in release 1.39 contained an incorrect fingerprint of the certificate in the associated meta-data (".info") file. The actual certificate shipped for this CA (OpenSSL v0.x hash: fc1898ec) was correct and has not changed. The SHA1 fingerprint for this CA should read 00:B7:AA:54:AE:7B:1D:BE:FB:40:F4:68:02:85:5F:73:01:83:B6:0D The 1.40 release corrects this meta-data file. ========================================================================= 1. Updated IGTF distribution version 1.40 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.40, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ *** note that the default format is now OpenSSL v1 compatible *** Changes from 1.39 to 1.40 ------------------------- (28 June 2011) * Corrected fingerprint meta-data for UniAndes CA (CO) Changes from 1.38 to 1.40 ------------------------- (27 June 2011) * Change of contact address for NAREGI CA (JP) * Change of contact address for GermanGrid CA (DE) * Added accredited classic HIAST CA (SY) * Added accredited classic Uni Andes CA (CO) * Extended life time of root certificate for SiGNET-CA (SI) * Extended life time of root certificate for Grid-Ireland (IE) * New issuing certificates (2A, 2B) for UKeScience (GB) * Updated extensions for DOEGrids-CA-1 issuing CA (US) Changes to unaccredited information: * Added experimental DZeScience CA (DZ) * Extended life time for unaccredited Benelux and NE tutorial CA cert and re-rooted namespace to new domain name (NL,BE) * Added worthless replacement gilda 2011 CA (IT) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. Current estimated but the next release of the distribution in Septmber 2011. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.39 and migration to Fetch-crl version 3
by David Groep 27 Jun '11

27 Jun '11

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.39 available - Changes in 1.39 - Debian APT support - Use in coordinated-deployment infrastructures - Next release - Dual-hash OpenSSL v1 support 2. New version 3 of the CRL retrieval tool Fetch-crl We STRONGLY ADVISE everyone to upgrade to Fetch-crl version 3. It is necessary for out-of-the-box OpenSSL v1 support and brings significant stability improvements and has features for resilience. Download it from https://dist.eugridpma.info/distribution/util/fetch-crl3/ ========================================================================= 1. Updated IGTF distribution version 1.39 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.39, release 1, and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ *** note that the default format is now OpenSSL v1 compatible *** Changes from 1.38 to 1.39 ------------------------- (27 June 2011) * Change of contact address for NAREGI CA (JP) * Change of contact address for GermanGrid CA (DE) * Added accredited classic HIAST CA (SY) * Added accredited classic Uni Andes CA (CO) * Extended life time of root certificate for SiGNET-CA (SI) * Extended life time of root certificate for Grid-Ireland (IE) * New issuing certificates (2A, 2B) for UKeScience (GB) * Updated extensions for DOEGrids-CA-1 issuing CA (US) Changes to unaccredited information: * Added experimental DZeScience CA (DZ) * Extended life time for unaccredited Benelux and NE tutorial CA cert and re-rooted namespace to new domain name (NL,BE) * Added worthless replacement gilda 2011 CA (IT) Debian APT support ------------------ The IGTF distributed the trust anchors in various formats. This release adds an 'apt' compliant repository for Debian-based distribution as an experimental service. For details, see https://dist.eugridpma.info/distribution/igtf/current/dists/README.txt Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national grid infrastructure, EGI, OSG, PRACE-RI, DEISA, NAREGI or others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updates substantially. Current estimated but the next release of the distribution in September 2011. Dual-hash OpenSSL v1 support ---------------------------- This distribution comes in two (2) formats. The primary format for this release supports OpenSSL v1 and is designed to be backwards compatible with the old distribution format. If you experience issues with the new format, the old non-OpenSSL-v1 version is still available at https://dist.eugridpma.org/distribution/igtf/current-old/ but you should upgrade as soon as practically possible. Subsequentl releases may withdraw this legacy format without further notice. For more information, please refer to the February 15th 2010 newsletter: https://www.eugridpma.org/newsletter/eugridpma-newsletter-20100215.txt ========================================================================= 2. New version 3 of the CRL retrieval tool available ========================================================================= Downloading CRLs is a critical component in keeping the integrity and security of the trust fabric -- and CRLs should be updated frequently (preferably several times per day). To facilitate automated retrieval of certificate revocation lists (CRLs) by relying parties, the 'fetch-crl' utility is distributed by the IGTF. This tool has been redesigned completely to incorporate new features: - support for OpenSSL version 1 and dual-hash trust anchor naming - parallel downloads to speed up retrieval (from minutes to seconds) - built-in caching support to reduce bandwidth consumption - site- and infrastructure-level fail-over and override mechanisms Relying parties are encouraged to upgrade to this new version 3, available from the EUGridPMA web site and from popular Linux distribution (add-on) repositories such as Fedora, Debian and EPEL. Fetch-crl3 is independent of any software suite and can be used in conjunction with all popular OpenSSL, BouncyCastle and NSS based products. https://dist.eugridpma.info/distribution/util/fetch-crl3/ The documentation and full list of features can be found at http://www.nikhef.nl/grid/fetchcrl3/ Fetch-crl3 is made available under the Apache License version 2.0. The 2.8 series fetch-crl will remain supported until Q2 2012 but new features will no longer be added. The 2.7 series is no longer supported. ========================================================================= REPEATED NOTICES ========================================================================= This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

← Newer
1
...
8
9
10
11
12
13
14
...
17
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

eugridpma-announce