Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "URT:Agenda-08-02-2016"

From EGIWiki
Jump to navigation Jump to search
Line 20: Line 20:
The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates,  
The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates,  
this has created issued for the WLCG VOs mainly for 2 reasons:
this has created issued for the WLCG VOs mainly for 2 reasons:
- some users still have MD5 signed certs, most of them have been renewed but still some are available
* some users still have MD5 signed certs, most of them have been renewed but still some are available
- there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5
* there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5


we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that MD5 is not there , we will contact again the sites to ask to upgrade java and disable MD5
we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that MD5 is not there , we will contact again the sites to ask to upgrade java and disable MD5

Revision as of 12:19, 8 February 2016

Meeting

Calendar: https://indico.egi.eu/indico/categoryDisplay.py?categId=107

News

Status of the products verification/staged rollout

Ready tobe Released

Under Staged Rollout

In Verification

Report from WLCG MW Officer

The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates, this has created issued for the WLCG VOs mainly for 2 reasons:

  • some users still have MD5 signed certs, most of them have been renewed but still some are available
  • there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5

we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that MD5 is not there , we will contact again the sites to ask to upgrade java and disable MD5

Updates from Technical Providers

dCache

DPM/LFC

Data management clients

FTS

ARC

  • Jon will be away on parental leave until May 25.

QCG

Globus

Changing the default name compatibility mode to strict RFC

Reminder: the release of the update that will change the default name compatibility mode from "HYBRID" to "STRICT_RFC2818" is planned for April 1, 2016.

xrootd

Discussions

AOB

Next meeting: February 22th, 2016