============================================================================== LHC Computing Grid Trust Anchor release 1.117-1 2022.08.29 ============================================================================== This is the wLCG Trust Anchor release, based on the updated IGTF Accredited CA distribution version 1.117-1 with Classic, SLCS and MICS profiles, encoded in meta-package "ca-policy-egi-core-1.117-1" (new installs) and "lcg-CA-1.117-1" (for sites also part of wLCG and/or upgrading from EGEE/JSPG releases). The following notices are republished from the IGTF, inasfar as pertinent to this release. Details are found in the newsletter https://www.eugridpma.org/ Changes from 1.116 to 1.117 --------------------------- (29 August 2022) * Add new intermediate ICA DigiCert Grid-TLS (US) * Add new intermediate ICA DigiCert Grid-Client-RSA2048-SHA256-2022-CA1 (US) * Removed discontinued NCSA-slcs-2013 following end of XSEDE (US) * Removed discontinued PSC-Myproxy-CA following end of XSEDE (US) * RPM packaging: rpm packages are now signed using a SHA-256 digest, file digests using algo 8 (SHA-256), and the yum/dnf listings are signed with SHA-256 as well. This removes support for yum-based distributions up to EL5 (for which ELS ended in November 2020), but allows installation of packages on EL9 (Rocky9, AlmaLinux9, etc.) that require SHA-256. Your may install BOTH "egi-core" AND "lcg" meta-packages, according to your policies. Note that your organisation or NGI may have a specific policy and may have added or removed CAs compared to the EGI core policy. The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM) and Conflicts/Replaced clauses (Debian) have been incorporated in the above- mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian, and from the IGTF at https://www.igtf.net/fetch-crl Version information: ca-policy-lcg = 1.117-1