|
Документ взят из кэша поисковой машины. Адрес
оригинального документа
: http://theory.sinp.msu.ru/pipermail/ru-ngi/2013q4/001161.html
Дата изменения: Sun Oct 13 02:06:22 2013 Дата индексирования: Fri Feb 28 03:33:13 2014 Кодировка: |
FYI -------- Original Message -------- Subject: [Noc-managers] [ EGI BROADCAST ] Calendar for the decommission or upgrade of non SHA-2 enabled services Date: Fri, 11 Oct 2013 17:30:49 +0200 From: EGI BROADCAST <cic-information at in2p3.fr> To: NGI managers/global_email <noc-managers at mailman.egi.eu> --------------------------------------------------------------------------------------------------------------- EGI BROADCAST TOOL : https://operations-portal.egi.eu/broadcast --------------------------------------------------------------------------------------------------------------- Publication from : Peter Solagna <peter.solagna at egi.eu> Targets : NGI managers/global_email <noc-managers at mailman.egi.eu> ---------------------------------------------------------------------------------------------------------------- Dear Site Administrator, based on the new EUGridPMA timeline [1], the member Certification Authorities will not release in production SHA-2 based personal and host certificates until December 1st 2013. Starting from December 2013 CAs are encouraged to release by default SHA-2 signed credentials as opposed to the SHA-1 certificates currently used in production. Users using SHA-2 signed credentials will not be able to access middleware services that do not support SHA-2. You can find the versions of the UMD products supporting SHA-2 certificates at [2]. The Operations Management Board approved the following calendar for the decommission or upgrade of non-SHA-2 enabled services: - All production services not supporting SHA-2, versions older than the baseline reported at [2], must be upgraded or decommissioned by: *1st December 2013* - If the production services are not upgraded or decommissioned, site managers -starting from 1st December 2013- *must open a downtime* for all services with versions older than the baseline reported at [2]. Starting from *Wednesday October 16th*, non SHA-2 compliant production services will generate alarms on the operations dashboard, and ROD teams will open GGUS tickets to notify the sites of the problem. Please note that all the middleware listed at [2] support both SHA-1 and SHA-2 certificates. For questions or clarifications, please contact your NGI. [1] https://www.eugridpma.org/documentation/hashrat/sha2-timeline [2] https://wiki.egi.eu/wiki/SHA-2_support_middleware_baseline Thanks Regards Peter Solagna on behalf of EGI Operations ---------------------------------------------------------------------------------------------------------------- link to this broadcast : https://operations-portal.egi.eu/broadcast/archive/id/1028 ---------------------------------------------------------------------------------------------------------------- _______________________________________________ Noc-managers mailing list Noc-managers at mailman.egi.eu https://mailman.egi.eu/mailman/listinfo/noc-managers -- A.Kryukov. SINP MSU Phone: +7 495 939-3156