These observations are correct. For any extended (i.e., non-test)
grid with any intention to operate in a CA an accredited manner,
however, the use of SimpleCA would not be recommended in any case.
Personally, I wish the Globus team would de-emphasize its inclusion of
SimpleCA and decouple it from the Globus documentation.
Alan
On Jul 22, 2008, at 3:53 PM, Joel Schneider wrote:
The following documents contain additional information relevant to
this
topic:
http://www.ogf.org/documents/GFD.125.pdf
http://www.eurogrid.org/ca/eurogrid-ca-policy.pdf
The EUROGRID document describes steps taken in November 2002 to
discontinue usage of the "nsCertType" extension, and the OGF document
specifies a policy that hash algorithms with known weaknesses, such as
MD5, must not be used in new certificates.
Alan Sill, Ph.D
TIGRE Senior Scientist, High Performance Computing Center
Adjunct Professor of Physics
TTU
====================================================================
: Alan Sill, Texas Tech University Office: Admin 233, MS 4-1167 :
: e-mail: [EMAIL PROTECTED] ph. 806-742-4350 fax 806-742-4358 :
====================================================================
