Dear Relying Parties, Authorities, Users, and all others interested,

In this announcement of the IGTF:

1. Updated IGTF distribution version 1.104 available

============================================================================ 1. Updated IGTF distribution version 1.104 available ============================================================================

*** THIS INTERMEDIATE RELEASE ADDRESSES TRANSITIONARY ISSUES identified in relation to the regrafting of the InCommon IGTF Server CA, by adding back the about-to-expire AddTrust External CA Root. Adding the obsoleted AddTrust External CA Root back remediates compatibility issues seen for older OpenSSL below 1.0.1 and JDK versions.

A new distribution of Accredited Authorities by the Interoperable Global Trust Federation,a based on the IGTF Common Source, is now available. It includes the newly accredited Authorities and retires expiring trust anchors.

This is version 1.104 release 1 and it is now available for download from the Repository (and mirrors) at

https://dist.igtf.net/distribution/igtf/current/

Changes from 1.103 to 1.104 --------------------------- (29 January 2020)

* Reinstated AddTrust External CA Root in parallel to Comodo RSA CA to ease transitionary period (US)

Changes from 1.102 to 1.103 --------------------------- (27 January 2020)

* Updated contact addresses for DigiCert (US) * Regrafted InCommon IGTF Server CA onto self-signed Comodo RSA CA (US) * Discontinued superfluous AddTrust External CA Root (US) * Discontinued AustrianGrid CA (AT)

Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has materially been updated. The currently- estimated next release of the distribution will be on February 24, 2020.

========================================================================= REPEATED NOTICES =========================================================================

Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (e.g. a national or regional e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI or others) you may want to await their announcement before installing the release. They could include localised adaptations. For reference we include the links below: PRACE-RI https://winnetou.surfsara.nl/prace/certs/ EGI https://wiki.egi.eu/wiki/EGI_IGTF_Release wLCG https://lcg-ca.web.cern.ch Open Science Grid https://repo.opensciencegrid.org/cadist/ Not all IGTF releases are necessarily accompanied by infrastructure-specific releases. If changes in the IGTF distribution do not materially impact the distribution of the relying party, no associated release may be done, nor is there a reason to update such a distribution.

Supplementary download locations -------------------------------- The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ and by the EUGridPMA at https://dist.eugridpma.info/distribution/igtf/

Where possible validate trust anchors with the GEANT TACAR Repository https://www.tacar.org/

About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/

+-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.igtf.net/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+

If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at info@eugridpma.org or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information.