Hi Jens,
we received a certificate also for the VOMS server. I suspect that this
might affect users using the GridPP VOMS, depending on how the UIs and
various services used are configured. We'll have to test it...
cheers
alessandra
Jensen, J (Jens) wrote:
> Dear all,
>
> As some of you may have heard, we are finally getting round to close
> down the old CA hierarchy (the one where an encrypted copy of the root's
> private key mysteriously went walkabout).
>
> Most users have long been moved over, for the remaining ones we decided
> to try out a new method: re-signing certificates under the new key pair.
>
> This method could make people's lives easier in the future because we
> can to a larger extent automate the process, like a certificate
> "subscription" - you simply get a new one when you need it. (RA will
> still be involved but I want to disassociate the RA approval step from
> the issuance step further.)
>
> My hidden agenda is to make the CA better able to scale to handling the
> large numbers of requests it's handling. This will have to be done in
> steps to avoid disrupting normal services.
>
> For more information about the current process, please refer to the
> following page:
> http://www.grid-support.ac.uk/content/view/399/1/
>
> The users who have been "volunteered" for the trial have already been
> contacted (apart from some for whom the signing failed, they should
> receive theirs later today.) If you haven't been "volunteered", you
> don't need to do anything, the old certificates will automatically drop
> out of the distribution at the next release.
>
> The only gotcha is a bug in IE which I have one report about so far.
> For users with personal certificates in IE, they may have to do an old
> fashioned renewal. If I can replicate the bug, I will file a bug report
> with MS.
>
> Cheers
> --jens
>
--
Well you'll still need a tray
|