Index of /distribution/ca-policy-lcg-1.113-1
Name Last modified Size Description
![[PARENTDIR]](/_shared_static_content/icons/back.gif)
Parent Directory -
![[DIR]](/_shared_static_content/icons/folder.gif)
dists/ 2024-02-15 08:58 -
meta/ 2024-02-15 08:58 -
repo-files/ 2024-02-15 08:58 -
repodata/ 2021-09-29 17:04 -
RPMS/ 2024-02-15 08:58 -
SRPMS/ 2024-02-15 08:58 -
tgz/ 2024-02-15 08:59 -
![[TXT]](/_shared_static_content/icons/text.gif)
release.xml 2021-09-29 17:04 78
![[ ]](/_shared_static_content/icons/unknown.gif)
GPG-KEY-EUGridPMA-RPM-3 2021-09-29 17:04 889
European Grid Infrastructure EGI Trust Anchor release 1.113 2021.10.04
------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------
This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.113-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.113-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.
The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/
Changes from 1.112 to 1.113
---------------------------
(4 October 2021)
* Suspended MD-GRID CA due to network resolution issues (MD)
The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl
IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.
Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet the approved authentication assurance, an IGTF
"DOGWOOD" accredited Authority - used solely in combination with said
registration service - is also adequate for user authentication. See
the policy at https://documents.egi.eu/document/2930 for details.
This additional restriction policy must be implemented by each service
in the authorization software. The "combined assurance" model package MUST NOT
be installed unless the additional authorization is in place. You will need
to reconfigure and may need to install upgrades.
Version information: ca-policy-egi-combined-adequacy-model = 1.113-1