From: David Groep info@eugridpma.org Date: Wed, 5 Oct 2016 11:30:00 +0200 Subject: Updated IGTF distribution 1.78 - improved APT support
Dear CAs, Relying Parties, Users, and all others interested,
In this announcement of the IGTF:
1. Updated IGTF distribution version 1.78 available (fast-track update release) 2. Tech preview: fetch-crl retrieval tool with post-execution scripting
============================================================================ 1. Updated IGTF distribution version 1.78 available ============================================================================
A new distribution of Accredited Authorities by the Interoperable Global Trust Federation, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors.
This release has been fast-tracked to resolve issues with recent version of Debian packaging tools, and to forestall potential monitoring issues related to expired trust anchors.
This is version 1.78 release 1 and it is now available for download from the Repository (and mirrors) at
https://dist.igtf.net/distribution/igtf/current/
Changes from 1.77 to 1.78 ------------------------- (5 October 2016)
* Removed superseded INFN-CA-2006 CA (IT) * Updated Debian packaging to support APT security improvements
Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of October 2016.
========================================================================= 2. Tech preview: fetch-crl retrieval tool with post-execution scripting ========================================================================= In selected deployment, services need to be restarted or reloaded once the CRLs have been updated in trust anchor directory, so that the freshly downloaded revocation information becomes effective. Other services only refresh revocation information periodically. A generic mechanism is about to be added to the fetch-crl tool, allowing users of this tool to trigger their own scripts and service restarts after fetch-crl has completed its work and updated all CRLs, as well as after each individual CRL update.
A technology preview of this fetch-crl version (3.0.18) is now available as a tar-ball and architecture-independent RPM package:
https://dl.igtf.net/distribution/tests/fetch-crl3/
and the author welcomes your comments on this version as well as any bug reports and regressions. Documentation for the new features ("postexec") is available online at https://dl.igtf.net/distribution/tests/fetch-crl3/README.txt
and will be included in the on-line documentation on release.
========================================================================= REPEATED NOTICES =========================================================================
Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI https://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://software.grid.iu.edu/cadist/ Not all IGTF releases are necessarily accompanied by a infrastructure-specific release. If the changes in the IGTF distribution do not materially impact the distribution of the relying party, no associated release may be done, nor is there a reason to update such a distribution.
Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/
Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/
About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/
+-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+
If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at info@eugridpma.org or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information.