This is the README file for certificates.tar.gz, available at
<ftp://ftp.ncsa.uiuc.edu/aces/ncsa_ca/certificates/certificates.tar.gz>.

This gzipped tar file contains the certificates and signing policies
for various certificate authorities (CAs), as well as a copy of this
README file.

The tar file, certificates.tar.gz, contains the README file, the
certificate files, and the signing_policy files at the top level; there
is no "certificates" directory.  If you wish to accept certificates
issued by all these CAs, you should unpack the certificates.tar.gz
directly into your /etc/grid-security/certificates directory (or
into $GLOBUS_LOCATION/share/certificates).

Here is the output of "tar ztvf certificates.tar.gz" 
-rw-r--r-- root/root       806 2003-05-21 14:21:13 42864e48.0
-rw-r--r-- root/root       209 2002-08-09 19:56:02 42864e48.signing_policy
-rw-r--r-- root/root      1574 2003-06-23 11:11:31 4a6cd8b1.0
-rw-r--r-- root/root       245 2003-06-23 11:13:51 4a6cd8b1.signing_policy
-rw-r--r-- root/root      1298 2002-08-09 19:56:02 5aba75cb.0
-rw-r--r-- root/root       224 2002-08-09 19:56:02 5aba75cb.signing_policy
-rw-r--r-- root/root       953 2002-02-04 15:46:39 6349a761.0
-rw-r--r-- root/root      1519 2002-02-11 17:06:09 6349a761.signing_policy
-rw-r--r-- root/root      1679 2002-02-11 17:04:09 9d8753eb.0
-rw-r--r-- root/root      1386 2002-02-11 17:03:16 9d8753eb.signing_policy
-rw-r--r-- root/root      3747 2003-06-25 10:26:15 README
-rw-r--r-- root/root      1261 2002-08-09 19:56:02 a7792cdb.0
-rw-r--r-- root/root       185 2002-08-09 19:56:02 a7792cdb.signing_policy
-rw-r--r-- root/root      1419 2002-08-09 19:56:02 b2cb8d2c.0
-rw-r--r-- root/root       266 2002-08-09 19:56:02 b2cb8d2c.signing_policy
-rw-r--r-- root/root      1452 2002-08-09 19:56:02 b89793e4.0
-rw-r--r-- root/root       175 2002-08-09 19:56:02 b89793e4.signing_policy
-rw-r--r-- root/root      1444 2003-02-13 09:44:53 bc82f877.0
-rw-r--r-- root/root       259 2002-08-09 19:56:02 bc82f877.signing_policy

Here is a listing of the contents of this directory, and the
corresponding CA:

DOE SG:
/O=DOE Science Grid/OU=Certificate Authorities/CN=Certificate Manager
	6349a761.0
	6349a761.signing_policy

/DC=net/DC=es/OU=Certificate Authorities/OU=DOE Science Grid/CN=pki1
	9d8753eb.0
	9d8753eb.signing_policy

Globus CA:
/C=US/O=Globus/CN=Globus Certification Authority
	42864e48.0
	42864e48.signing_policy

New NCSA CA:
/C=US/O=National Center for Supercomputing Applications/OU=Certification Authority
	4a6cd8b1.0
	4a6cd8b1.signing_policy

Alliance CA:
/C=US/O=National Computational Science Alliance/OU=Certification Authority
	5aba75cb.0
	5aba75cb.signing_policy

NPACI CA (CURRENT):
/C=US/O=NPACI/OU=SDSC/CN=Certificate Manager/USERID=certman
/C=US/O=NPACI/OU=SDSC/CN=Certificate Manager/0.9.2342.19200300.100.1.1=certman
	b89793e4.0
	b89793e4.signing_policy

NPACI CA (OLD):
/C=US/O=NPACI/OU=SDSC/CN=Certificate Manager
	a7792cdb.0
	a7792cdb.signing_policy

NASA CA (CURRENT):
/O=Grid/O=National Aeronautics and Space Administration/OU=Ames Research Center/CN=Certificate Manager
	bc82f877.0
	bc82f877.signing_policy

NASA CA (OLD):
/CN=Certificate Manager/OU=Ames Research Center/O=National Aeronautics and Space Administration/O=GRID
	b2cb8d2c.0
	b2cb8d2c.signing_policy

Note 1:
The Distinguished Name of the current NPACI CA certificate
(b89793e4.0) may appear as either
/C=US/O=NPACI/OU=SDSC/CN=Certificate Manager/USERID=certman
or
/C=US/O=NPACI/OU=SDSC/CN=Certificate Manager/0.9.2342.19200300.100.1.1=certman
depending on the software being used.

Note 2:
The signing policy for the old and new NPACI CAs overlap; they can
both sign certificates of the form '/C=US/O=NPACI/*'.  This is not
a problem.

Assembled by Joe Greenseid, <jgreen@ncsa.uiuc.edu>

Last updated Thu 2003-07-03 by Joe Greenseid <jgreen@ncsa.uiuc.edu>.
