From: David Groep Date: Mon, 31 Mar 2014 12:00:00 +0200 Subject: Updated IGTF distribution 1.56 and more authentication profiles Dear CAs, Relying Parties, Users, and all others interested, In this announcement of the IGTF: 1. Updated IGTF distribution version 1.56 available 1. Identifier-Only Trust Assurance Profile ========================================================================= 1. Updated IGTF distribution version 1.56 available ========================================================================= A new distribution of Accredited Authorities by the EUGridPMA, based on the IGTF Common Source, is now available. It includes the newly accredited Authorities by all IGTF Members and retires expiring CA certificates. This is version 1.56 release 1 and it is now available for download from the Repository (and mirrors) at https://dist.eugridpma.info/distribution/igtf/current/ Changes from 1.55 to 1.56 ------------------------- (31 March 2014) * Removed discontinued SWITCHslcs2011 and associated Root (CH) * Removed discontinued APAC CA (AU) * Removed discontinued DoEGrids CA and ESnet root (US) * Add reference to CA website for AustrianGrid CA (AT) * Add new subordinates for DigiCert: 1cdf1cd9/DigiCertGridCA-1G2-Classic and 5d9ea26d/DigiCertGridTrustCAG2-Classic (US) * Add meta-package for the IOTA-accredited CAs. Please note that there are no IOTA accredited CAs as this point in time. For specifications see https://www.eugridpma.org/guidelines/IOTA/ * Debian packaging dependencies in meta-packages now correctly use all- lower-case package names throughout Next Release ------------ Releases are usually done on the last Monday of the month, only when the trust anchor distribution has been updated substantially. The currently-estimated next release date of the distribution is at the end of April 2013. ========================================================================= 2. Identifier Only Trust Assurance Authentication Profile ========================================================================= In the coming month, the IGTF will be introducing a new authentication profile, supporting use cases where identity can be assured in a tight collaboration between relying parties and identity providers. It is a *distinct assurance level* adequate only to ensure unique, non-re-assigned identities, generated by authorities using secured and trusted infra- structure. The IOTA assurance level will usually be supported by federated identity providers. IOTA authorities are not required to collect more data than are necessary for fulfilling the uniqueness requirements, and credentials issued by authorities under this profile may not provide sufficient information to independently trace individual subscribers. IOTA asertions should be used in conjunction with complementary identification and vetting processes. Relying parties that currently have a managed enrollment programme where user vetting already takes place, and who themselves hold and manage user contacts and identity vetting, may be interested in supporting IOTA. For more details about IOTA, please refer to the authentication profile https://www.eugridpma.org/guidelines/IOTA/ At this point no authorities have yet been accredited under this profile. More information will be distributed when the first identity providers will have been accredited under this profile. You are welcome to contact your national IGTF accredited authority or regional PMA for more information. ========================================================================= REPEATED NOTICES ========================================================================= Use in coordinated-deployment infrastructures --------------------------------------------- If you are part of a coordinated-deployment infrastructure (such as a national e-Infrastructure, EGI, OSG, PRACE-RI, NAREGI and others) you may want to await your project announcement before installing this release. The download repository is also mirrored by the APGridPMA at https://www.apgridpma.org/distribution/igtf/ About this news letter ---------------------- This newsletter carries IGTF information intended for relying parties. For more information about this newsletter and how to subscribe, refer to the EUGridPMA web site at https://www.eugridpma.org/ +-----------------------------------------------------------------------+ | For information on the IGTF Distribution, how to use it and what is | | contains, please read the information at | | https://dist.eugridpma.info/distribution/igtf/README.txt | | | | This file contains important information for new users and should be | | read before installing this Distribution. | +-----------------------------------------------------------------------+ If you have suggestions or improvements for the distribution format, to have it better suit your needs, please contact the EUGridPMA PMA at or your Regional Policy Management Authority. See the IGTF web site (www.igtf.net) for further information.