Changes between Version 14 and Version 15 of GeniTrustAnchors


Ignore:
Timestamp:
05/11/15 12:02:12 (4 years ago)
Author:
tupty@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GeniTrustAnchors

    v14 v15  
    88 * A self-signed SA certificate can be added to an aggregate's list of trusted certificates by itself --- it contains everything the aggregate needs in order to trust that slice authority
    99 * Trusting the self-signed CA certificate for the GENI clearinghouse should be all that is needed to complete the chain to the clearinghouse's trust root.
     10 * An SA certificate which was signed by a self-signed CA certificate requires the inclusion of both the SA and the CA certificates.
    1011
    1112= Recommended GENI slice authorities =
    1213
    13 As of March 2013, the GPO recommends that all GENI aggregates trust the following GENI slice authorities (aka "the GENI cert bundle"), allowing the users at those SAs to use resources at GENI racks, GENI backbone and regional networks, etc.
     14As of May 2015, the GPO recommends that all GENI aggregates trust the following GENI slice authorities (aka "the GENI cert bundle"), allowing the users at those SAs to use resources at GENI racks, GENI backbone and regional networks, etc.
    1415
    1516The table below includes links to the SA certificate file, or to both of the MA and CA certificates, for each trust anchor. You can also download the entire bundle as a [attachment:geni-cert-bundle.tar.gz compressed tar file], which unpacks into a directory named "geni-cert-bundle", and includes an MD5SUMS file with md5sums for the certs. The md5sum for the .tar.gz file itself is 404fc0e0da0d04308b7d1d8d89bd910d.