Index of /distribution/igtf/1.62
IGTF Distribution of Authority Root Certificates
This is version 1.62 of the distribution, built on Wednesday, 18 Feb, 2015
The distribution contains root certificates and related meta-information:
Certificate Revocation List (CRL) locations, contact information, and signing
policies. This distribution is subject to the IGTF Federation Document
and the appropriate charters and authentication profiles.
Please refer to your local PMA (EUGridPMA, APGridPMA or TAGPMA) for more
The IGTF itself does not provide identity assertions but instead
asserts that - within the scope of its charter - the certificates issued by
the Accredited Authorities meet or exceed the relevant guidelines.
PLEASE NOTE that this assertion extends only to accredited authorities,
i.e., those authorities of which the trust anchor is contained in the
"accredited/" subdirectory of this distribution!
You can install the trust anchors in the following ways:
* install all packages from the "accredited/" directory tree for
the RPM, tar.gz or Java Key Store format directories manually.
These correspond to all accredited CAs from all profiles.
* use a RPM package manament system like "yum" to install the
where PROFILE is the name of the profile (e.g., classic, mics or slcs)
You should install ALL policy bundles corresponding to the
authentication profiles you want to accept.
* use the "dists/" directory and containing DEB packages for Debian
and derived operating systems (see also dists/README.txt)
* install all authorities with the installation tarball bundle
"igtf-policy-installation-bundle-1.62.tar.gz", using the
"./configure --with-profile=NAME && make && make install" mechanism.
This tarball can be found in the "accredited/" directory.
The tar-ball containts a README.txt with detailed instructions.
You can specify multiple "--with-profile" arguments to include
more than CAs from one authentication profile.
Please make sure you validate the correctness of the trust anchors with the
TERENA Academic CA Repository (https://www.tacar.org/) where possible.
This distribution contains, for your convenience, also selected other CAs
in the "unaccredited/" and "experimental/" directories. These are NOT
part of the accredited trust fabric and you install these at your own risk.
Comments and suggestions for improvement of this distribution are welcome;
please send them to <firstname.lastname@example.org>. For more information, see
the web site:
[this is release 1]