eugridpma-announce

eugridpma-announce@nikhef.nl

1 participants
165 discussions

Updated IGTF distribution 1.75
by David Groep 27 Jun '16

27 Jun '16

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.75 available ============================================================================ 1. Updated IGTF distribution version 1.75 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.75 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.74 to 1.75 ------------------------- (27 June 2016) * Discontinued expired UFF BrGrid CA (BR) * Discontinued expired HellasGrid-2006 and associated Root (GR) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of July 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI https://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL ** ** New PGP key: 0x308E076A FP: 2facebea12803ba145685a21d80134c2308e076a **

1 0

Updated IGTF distribution 1.74
by David Groep 16 May '16

16 May '16

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.74 available ============================================================================ 1. Updated IGTF distribution version 1.74 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.74 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.73 to 1.74 ------------------------- (16 May 2016) * Removed superseded NorduGrid (2006) CA (DK) * Added HellasGrid 2016 CA (GR) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of June 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.73
by David Groep 28 Mar '16

28 Mar '16

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.73 available ============================================================================ 1. Updated IGTF distribution version 1.73 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.73 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.72 to 1.73 ------------------------- (28 March 2016) * Updated key pair for SDG CA G2 (CN) * Revised URL to point to http endpoint for CERN IOTA ICA CRL (CERN) * Added date field to Debain Release file to work around APT bug 809329 * Added an InRelease file for changing Debian packaging * Added experimental DCA Root G1 and RCauth.eu Pilot ICA G1 (NL, EU) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of April 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.72
by David Groep 29 Feb '16

29 Feb '16

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.72 available ============================================================================ 1. Updated IGTF distribution version 1.72 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.72 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.71 to 1.72 ------------------------- (29 February 2016) * Added roll-over subordinate for the SDG CA G2 (CN) * Added CERN LCG IOTA CA (CERN) * Updated PSC MyProxy CA with extended validity (US) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of March 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.71
by David Groep 25 Jan '16

25 Jan '16

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.71 available ============================================================================ 1. Updated IGTF distribution version 1.71 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.71 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.70 to 1.71 ------------------------- (25 January 2016) * Added accredited classic KENET ICA and associated Root (KE) * Added roll-over subordinate for the SDG CA G2 (CN) * Removed expiring SDG CA (CN) * Updated CyGrid Root CA with extended validity period (CY) * Updated BG-ACAD-CA with extended validity period (BG) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of February 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.70
by David Groep 30 Nov '15

30 Nov '15

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.70 available ============================================================================ 1. Updated IGTF distribution version 1.70 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.70 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.69 to 1.70 ------------------------- (30 November 2015) * Updated CRL URL hosted by KIT for ArmeSFO (AM) * Added NorduGrid 2015 trust anchor (DK,NO,SE,FI,IS) * Discontinued superseded DigiCertGridCA-1G2-Classic (US) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of January 2016. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.69
by David Groep 26 Oct '15

26 Oct '15

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.69 available ============================================================================ 1. Updated IGTF distribution version 1.69 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.69 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.68 to 1.69 ------------------------- (26 October 2015) * Added new INFN "2015" CA as roll-over of the 2006 instance (IT) * Added new CILogon OSG CA (US) * Discontinued BalticGrid CA (EE) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of November 2015. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.68
by David Groep 05 Oct '15

05 Oct '15

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.68 available ============================================================================ 1. Updated IGTF distribution version 1.68 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.68 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.67 to 1.68 ------------------------- (5 October 2015) * Discontinued CALG CA (LV) * Added experimental KENET CAs (KE) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of October 2015. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.67 with specific trust update
by David Groep 31 Aug '15

31 Aug '15

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.67 available *** The IGTF recommends to update to this new release *** as soon as reasonably possible ============================================================================ 1. Updated IGTF distribution version 1.67 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. To forestall a (very small) risk to the integrity of the trust fabric, we recommend that you install this 1.67 release as soon as reasonably possible. This is version 1.67 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.65 to 1.67 ------------------------- (31 August 2015 - release jump, skipping 1.66) * Discontinued NCSA-mics CA (US) * Withdrawn G2 root for IPM CA (IR) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of September 2015. ============================================================================ 2. New meta-data info file data in 1.65 release ============================================================================ Each trust anchor in the IGTF distribution comes with an associated file with relevant meta-data: the URL of the revocation list, the emergency contact email address, the fingerprint to verify integrity, the short alias name (file name) and some more data. The name of the trust anchor (for PKIX anchor: the subject distinguished name) has been added to this meta-data in the "subject" attribute. For the policy meta-packages (with the "policy-igtf-{classic,mics,slcs,iota}.info" files), the "subject" attribute is a list of comma-separated subject names of all trust anchors that are accredited under the named authentication profile (AP). All subject names are double-quoted strings. The syntax of the .info meta- data files is described in <http://wiki.eugridpma.org/Main/IGTFInfoFile>. We envison that these subject names will be used for implementing SSL moni- toring use cases, and to support access control and authorization decisions based on the IGTF accreditation status in combination with other relevant external attributes. There is also a 'discontinued' meta-file that lists all trust anchors that have been withdrawn and must no longer be used. Also to this package a list of subject names has been added (only for those subject names that have not been re-used in an updated trust anchor version). This list can be used for verification purposes to inspect whether any discontinued trust anchors are inadvertently still active in a particular installation. ============================================================================ 3. End of support for RPM yum version 2 and RPM-APT ============================================================================ The data for Yum v2 ("headers") and apt-rpm ("apt/RPMS.profile"), although still present in the 1.65 distribution, are no longer supported. They will be removed in an upcoming release. The 1.65 distribution has been built on a new (RHEL6-compatible) platform that does not natively support the apt-rpm model any more. ============================================================================ 4. IGTF uses new build platform ============================================================================ The more observent of the IGTF relying parties may notice that the RPM packaging indicates a new build host (Build Host: el6vbx.localdomain) and was created using a higher version of the RPM build system.This new build host is expected: the distribution is now built in a (virtualised) RHEL6- compatible environment that is hosted on a new (similarly secured)system. The source continues to come from the IGTF Common Source version control system and the data are verified against this common source. The change (from "streng.nikhef.nl" to "el6vbx.localdomain") is expected. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

Updated IGTF distribution 1.65 with additional meta-data (includes additional notices)
by David Groep 29 Jun '15

29 Jun '15

Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.65 available 2. New meta-data info file data in 1.65 release 3. End of support for RPM yum version 2 and RPM-APT 4. IGTF uses new build platform ============================================================================ 1. Updated IGTF distribution version 1.65 available ============================================================================ A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors. This is version 1.65 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.igtf.net/distribution/igtf/current/ Changes from 1.64 to 1.65 ------------------------- (29 June 2015) * Discontinued NAREGI CA (JP) * Added addition G2 root for IPM CA (IR) * Added new subjectdn attribute to the trust anchor and profile meta-data files to aid monitoring and authentication-profile based access control mechanism use cases. See http://wiki.eugridpma.org/Main/IGTFInfoFile (ALL) Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of September 2015. ============================================================================ 2. New meta-data info file data in 1.65 release ============================================================================ Each trust anchor in the IGTF distribution comes with an associated file with relevant meta-data: the URL of the revocation list, the emergency contact email address, the fingerprint to verify integrity, the short alias name (file name) and some more data. The name of the trust anchor (for PKIX anchor: the subject distinguished name) has been added to this meta-data in the "subject" attribute. For the policy meta-packages (with the "policy-igtf-{classic,mics,slcs,iota}.info" files), the "subject" attribute is a list of comma-separated subject names of all trust anchors that are accredited under the named authentication profile (AP). All subject names are double-quoted strings. The syntax of the .info meta- data files is described in <http://wiki.eugridpma.org/Main/IGTFInfoFile>. We envision that these subject names will be used for implementing SSL moni- toring use cases, and to support access control and authorization decisions based on the IGTF accreditation status in combination with other relevant external attributes. There is also a 'discontinued' meta-file that lists all trust anchors that have been withdrawn and must no longer be used. Also to this package a list of subject names has been added (only for those subject names that have not been re-used in an updated trust anchor version). This list can be used for verification purposes to inspect whether any discontinued trust anchors are inadvertently still active in a particular installation. ============================================================================ 3. End of support for RPM yum version 2 and RPM-APT ============================================================================ The data for Yum v2 ("headers") and apt-rpm ("apt/RPMS.profile"), although still present in the 1.65 distribution, are no longer supported. They will be removed in an upcoming release. The 1.65 distribution has been built on a new (RHEL6-compatible) platform that does not natively support the apt-rpm model any more. ============================================================================ 4. IGTF uses new build platform ============================================================================ The more observant of the IGTF relying parties may notice that the RPM packaging indicates a new build host (Build Host: el6vbx.localdomain) and was created using a higher version of the RPM build system.This new build host is expected: the distribution is now built in a (virtualised) RHEL6- compatible environment that is hosted on a new (similarly secured)system. The source continues to come from the IGTF Common Source version control system and the data are verified against this common source. The change (from "streng.nikhef.nl" to "el6vbx.localdomain") is expected. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI http://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/ Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at <info(a)eugridpma.org> or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **

1 0

← Newer
1
...
5
6
7
8
9
10
11
...
17
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

eugridpma-announce