As described in https://wiki.egi.eu/wiki/PROC12_Production_Service_Decommissioning, I am writing this to notify and track the decommissioning of the following services hosted at INFN-FERRARA:

grid0.fe.infn.it (CREAM-CE)

The following timeline will be applied for the decommissioning steps:

Mon, Dec 21, 2020 - Announcement: Creating a GGUS ticket and EGI Broadcast
Thu, Jan 07, 2021 - Start of the downtime with Warning of Severity two weeks before the service decommission. Jobs will be allowed to submit and run until the end of the day of services. Jobs must complete and secure outputs before the end of the service.
Mon, Jan 11, 2021 - Service will be decommissioned and removed from the GOCDB.

Sincerely yours,
Andrea
Affected ROC/NGI: NGI_IT
Affected Site: INFN-FERRARA

Dear all,

EUGridPMA has announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs has been packaged for EGI.

Please upgrade until 2020.08.21 at your earliest convenience. When this timeout is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details
EGI UMD software provisioning Team
The following release notes accompany this version:
European Grid Infrastructure EGI Trust Anchor release 1.108 2020.12.14

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.108-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.108-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.107 to 1.108
---------------------------
(14 December 2020)

* Added DigitalTrust classic IGTF specific and public trust IGTF CAs (AE)
* Updated PCS MyProxy SLCS CRL URL location (US)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet or exceed the approved authentication assurance
profiles, an IGTF accredited Authority meeting the Assurance Profile DOGWOOD
- used solely in combination with said registration service - is also
adequate for user authentication. This policy has been adopted on Feb 1st,
2017, and is available at https://documents.egi.eu/document/2930
In the PKI Technology Rendering, EGI thus approves the IGTF SLCS, MICS, and
Classic APs for general use (egi-core), and in addition the IOTA AP for use
in combination with VO registration services that themselves meet the
aforementioned requirements. This additional restriction must be implemented
by each service in the authorization software. The "combined assurance"
model package must not be installed unless the additional authorization is
in place. You will need to reconfigure and may need to install upgrades.

Version information: ca-policy-egi-combined-adequacy-model = 1.108-1

Dear VO managers

CREAM-CE service grid30.lal.in2p3.fr is going to be decommissioned from GRIF (LAL) site after 15 Dec 2020.
Already, HTCondor-CE as a replacement of site’s CREAM are in production with following endpoint:
- grid06.lal.in2p3.fr (TCP port 9619, queue=default)
Please could you switch your configuration as soon as posible and use the htcondor instance.

with best regards

Vamvakopoulos Emmanouil on behalf of
IJCLAB - Exploitation Group

Dears,

We wish to inform that the CREAM-CE service is going to be decommissioned at IN2P3-IRES:
* sbgce1.in2p3.fr (CREAM-CE)

Following the procedure described here: https://wiki.egi.eu/wiki/PROC12_Production_Service_Decommissioning

The timeline is detailed in the following ticket:
https://ggus.eu/index.php?mode=ticket_info&ticket_id=149783

The downtime will start the 21st of December.

Best regards,

Jerome Pansanel

Dear,

Here is the detailed timeline for the decommissioning of our CREAM CE cream02.iihe.ac.be:
* on the 14th of Dec: the CE will be put in downtime;
* on the 21st of Dec: the service will be removed.
In between, you are kindly invited to take the needed actions in order to stop the submission of jobs to this CE and to use instead our new CE testumd-htcondorce.iihe.ac.be.
Kind Regards,
The IIHE Grid Team

Dear all,

we have recently updated the vomsmania.cnaf.infn.it certificate, this the new subject and issuer:

subject: /DC=org/DC=terena/DC=tcs/C=IT/L=Frascati/O=Istituto Nazionale di Fisica Nucleare/CN=vomsmania.cnaf.infn.it
issuer: /C=NL/O=GEANT Vereniging/CN=GEANT eScience SSL CA 4

Please update your configurations as soon as possible.

Diego
NGI_IT