diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..24765f1 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +*~ +\#* +.#* +ports/*/work + diff --git a/ports/globus-clients/Portfile b/ports/globus-clients/Portfile index d8b6a80..a728756 100644 --- a/ports/globus-clients/Portfile +++ b/ports/globus-clients/Portfile @@ -34,9 +34,7 @@ depends_run port:globus-ftp-client \ port:fetch-crl \ port:gsi-openssh \ port:myproxy \ - port:voms \ - port:globus-gram-client-tools \ - port:globus-proxy-utils + port:voms distfiles diff --git a/ports/igtf-certificates/Portfile b/ports/igtf-certificates/Portfile index 61db7a8..2c14a10 100644 --- a/ports/igtf-certificates/Portfile +++ b/ports/igtf-certificates/Portfile @@ -1,26 +1,63 @@ +# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id$ PortSystem 1.0 name igtf-certificates -version 1.52 +version 1.54 categories security -maintainers nikhef.nl:dennisvd nbi.ku.dk:skou -description The trusted IGTF CA-certificates -homepage http://www.igtf.net platforms darwin +maintainers nikhef.nl:dennisvd openmaintainer + +license { CCBY-3 Permissive } MPL-1.1+ + +description The IGTF trusted certificates and metadata + +long_description \ + The International Grid Trust Federation (IGTF) maintains a list of trust \ + anchors, root certificates and related meta-information for all the \ + accredited authorities, i.e., those that meet or exceed the criteria \ + mentioned in the Authentication Profiles accepted by the IGTF. \ + For a list of those profiles, please refer to the website. + +homepage http://www.igtf.net + master_sites http://dist.eugridpma.info/distribution/igtf/${version} -distfiles igtf-policy-installation-bundle-${version}.tar.gz -checksums sha256 3de95c40b32345cf6b07f4def744dc7d7502e73b494dd165a4067e6d5356793a \ - rmd160 7a98be1b7070a701bff262638f484bdcaca5681e +distname igtf-policy-installation-bundle-${version} + +checksums md5 6ed91458ce7f96565793b06818b1d487 \ + rmd160 3aa0f5954992bb41434e601c62a1c4a8688e32ef \ + sha256 6b83ddf67a84380296c98428de7b834214ec9ca1a3081668f1a1ed5313bab38c -worksrcdir igtf-policy-installation-bundle-${version} -configure.args-append --with-profile=classic --with-profile=slcs --with-profile=mics --prefix=${destroot}/${prefix}/etc/grid-security/certificates +configure.args-append \ + --with-profile=classic \ + --with-profile=slcs \ + --with-profile=mics \ + --prefix=${destroot}/${prefix}/etc/grid-security/certificates build {} post-destroot { - # symlink GLOBUS_LOCATION/share/certificates to the igtf distribution - # so tools automatically find the CAs + # symlink, so that tools find the certificates + # (from $GLOBUS_LOCATION/share/ to locate defined IGTF distribution) + # ln -s ${prefix}/etc/grid-security/certificates ${destroot}${prefix}/share/ + + # add copies of license files, to comply with licensing + # REMINDER: change this for version 1.55 + set dest_doc ${destroot}${prefix}/share/doc + xinstall -d ${dest_doc} + xinstall -m 644 -W ${worksrcpath} \ + README.txt \ + ${dest_doc} + xinstall -m 644 -W ${portpath}/files \ + CHANGES.txt \ + LICENSE.txt \ + LICENSE_CC-BY-3.0.txt \ + LICENSE_MPL-1.1.txt \ + ${dest_doc} } + +livecheck.type regex +livecheck.url http://dist.eugridpma.info/distribution/igtf +livecheck.regex ">(\\d+\\.\\d{2})/<" diff --git a/ports/igtf-certificates/files/CHANGES.txt b/ports/igtf-certificates/files/CHANGES.txt new file mode 100644 index 0000000..ab8dcd0 --- /dev/null +++ b/ports/igtf-certificates/files/CHANGES.txt @@ -0,0 +1,763 @@ +CHANGES +------- +This file lists changes made to the IGTF Trust Anchor distribution. Please +refer to the README.txt file for additional information on installing the +Distribution and to be informed about important information on distribuion +lay-out. + +Changes from 1.54 to 1.55 +------------------------- +(25 November 2013) + THIS RELEASE IS THE LAST ONE ALSO TO BE DISTRIBUTED IN SINGLE HASH FORMAT + +* New root certificate with extended life time for NorduGrid CA 1f0e8352 (DK) +* Updated contact metadata for all RENATER Grid-FR related CAs (FR) +* Updated CRL URL and metadata for IHEP 2013 CA 39d30eba (CN) +* New root certificates for NCSA CA re-key: MyProxy CA 2013 c36f6349/7aa2b7bd + and Two Factor CA 2013 ca157cee/48c8f10a (US) +* New root certificate for EGI catch-all CA "SEEGRID-CA-2013" 772dbd1c (GR) +* Removed AIST Grid CA (JP) +* Discontinued IUCC CA (6fee79b0) following migration to TCS (IL) +* Suspended JUnet-CA (b3222f9e) (JO) +* Removed expired unaccredited CAs (misc) +* Added unaccredited worthless NL e-Infra Zero tutorial CA 338a3561 (NL) + +Changes from 1.53 to 1.54 +------------------------- +(24 June 2013) + +* Extended life time of Grid-KA CA (dd4b34ea) (DE) +* Added new CERN hierarchy for CERN IT/IS CA (SHA2 migration) (CH) +* Updated metadata for GridGermany DFN-CERT CAs (DE) +* Updated contact metadata for KEK (JP) +* Updated contact metadata for HKU (HK) +* Updated contact metadata for AIST (JP) + +Changes from 1.52 to 1.53 +------------------------- +(27 May 2013) + +* Added new root cert for IHEP CA (2013) (CN) +* Removed retired NCSA GridShib CA (e8ac4b61) (US) +* Removed backup crl_url locations for CILogon CAs + due to future crl.doegrids.org shutdown. (US) +* Removed retired TACC CAs (2ac09305, 684261aa, e5cc84c2) (US) +* Updated NERSC CA (b93d6240) to extend validity and change to + self-signed rather than subordinate to ESnet (US) + +Changes from 1.51 to 1.52 +------------------------- +(26 January 2013) + +* Extended validity of ArmeSFo Root CA (d0c2a341) (AM) +* Obsoleted UKeScienceCA-2007 and updated Root CRL URL and metadata (UK) +* removed expiring and unaccredited 'convenience' CAs from the + distribution (Thawte, ZA, TERENA SCS, BE) + +Changes from 1.50 to 1.51 +------------------------- +(26 November 2012) + +* Due to the unfortunate closure of Grid-Ireland, the Grid-Ireland CA + (1e43b9cc) has been discontinued (IE) +* extended expiry date for CyGrid CA (afe55e66) (CY) + +Changes from 1.49 to 1.50 +------------------------- +(24 September 2012) + +* Added accredited classic EG-GRID CA (EG) +* Extended life time of UKeScience (2007) issuing CA (UK) + +Changes from 1.48 to 1.49 +------------------------- +(30 July 2012) + +* Added ANSPGrid (126f0acf) classic CA (BR) +* Extended root cert validity for CA ce33db76 to 20yr (IR) + +Changes from 1.47 to 1.48 +------------------------- +(29 May 2012) + +* Extended life time of DFN GridGermany Root (1149214e) and CDPs (DE) + +Changes from 1.46 to 1.47 +------------------------- +(30 April 2012) + +* Updates CA URL metadata and CRL for pkIRISGrid CA (ES) +* Added accredited classic MYIFAM CA (MY) + +Changes from 1.45 to 1.46 +------------------------- +(29 March 2012) + +* Removed discontinued CESNET (9b59ecad) CA (CZ) + +Changes from 1.44 to 1.45 +------------------------- +(26 March 2012) + +* Added accredited NCSA 2-factor SLCS CA (US) + +Changes from 1.43 to 1.44 +------------------------- +(30 January 2012) + +* Added accredited classic DigiCert CA chains (US) +* Extended life time of UGRID root cert (UA) + +Changes from 1.42 to 1.43 +------------------------- +(28 November 2011) + +* Added new SWITCHslcs 2011 CA, replacing SWITCHslcs 2009 (CH) +* Updated contact information for SWITCH CAs (CH) +* Added new accredited classic JUnet CA (JO) +* Added additional CRL URL for DOEGrids CA in certificate and meta data (US) +* Added additional CRL URL for ESnet Root CA in meta data (US) +* Updated institute information for KIT in signing_policy file (DE) +* Updated enrolment URLs for Grid-FR CA (FR) + +Changes from 1.41 to 1.42 +------------------------- +(30 September 2011) + +* Corrected signing_policy file for UKeScience CA 2B (UK) + +Changes from 1.40 to 1.41 +------------------------- +(26 September 2011) + +* Added accredited PSC MyProxy SLCS CA (US) +* Updated CRL URL for LIPCA (PT) +* Extended life time of SlovakGrid CA root (SK) +* Added accredited DZ-eScience CA (DZ) +* Added accredited NICS SLCS MyProxy CA (US) +* Added new UK eScience issuing CAs 2A and 2B to allowed namespaces and + removed superfluous signing policy entries (UK) +* Normalised the certificate files (.0) for selected CAs in the 'old' format + distribution. This does not affect the 'new' OpenSSL v1+ compatible release. + Affected CAs are CESNET, NIKHEF, NIIF, DFN-GridGermany-Root, PSC-Myproxy-CA, + and NERSC-SLCS. Old and new format files are now identical. + +* The "worthless" area, containing some files that are distributed merely + for convenience for selected specific purposes, has been re-named to + "unaccredited". Files contained in this directory must be treated with + utmost care, and their inclusion in the distribution does not constitute + any form of endorsement by the IGTF of these files or their content. +* Added unaccredited InCommon Server CA to convenience directory (US) + +Changes from 1.39 to 1.40 +------------------------- +(28 June 2011) + +* Corrected fingerprint meta-data for UniAndes CA (CO) + +Changes from 1.38 to 1.39 +------------------------- +(27 June 2011) + +* Change of contact address for NAREGI CA (JP) +* Change of contact address for GermanGrid CA (DE) +* Added accredited classic HIAST CA (SY) +* Added accredited classic Uni Andes CA (CO) +* Extended life time of root certificate for SiGNET-CA (SI) +* Extended life time of root certificate for Grid-Ireland (IE) +* New issuing certificates (2A, 2B) for UKeScience (GB) +* Updated extensions for DOEGrids-CA-1 issuing CA (US) + +Changes to unaccredited information: +* Added experimental DZeScience CA (DZ) +* Extended life time for unaccredited Benelux and NE tutorial CA cert and + re-rooted namespace to new domain name (NL,BE) +* Added worthless replacement gilda 2011 CA (IT) +* Removed expired DutchDemo CA (NL) + +Changes from 1.37 to 1.38 +------------------------- +(7 February 2011) + +* Updated meta-data info file for SRCE (HR) +* Updated KEK CA root (617ff41b) with extended life time (JP) +* Updated contact email address for ArmeSFo (AM) +* Extended allowed namespace and new URL for SEE-GRID CA as EGI catch-all (EU) +* Extended allowed namespace for NAREGI CA (JP) +* Added accredited CILogin MICS CA (US) +* Extended life time for NCSA CACL (MICS) CA (US) +* Extended life time for NCSA MyProxy (SLCS) CA (US) +* Extended life time for NorduGrid CA (DK,NO,SE,FI,SI) +* Corrected namespaces file for TCS eScience Personal (EU) + +Changes from 1.36 to 1.37 +------------------------- +(27 September 2010) + +* Added accredited classic TERENA eScience SSL CA and hierarchy (EU) +* Discontinued NGO-Netrust CA (SG) +* The OpenSSL1 compliant format no longer adds symlinks for info metadata + (such references would result in multiple downloads of the same CRL data + when used with FetchCRL3) +* Corrected typo errors in namespaces file for AAACertificateServices (EU) +* Added CILogon CAs in experimental area (US) + +Changes from 1.35 to 1.36 +------------------------- +(25 June 2010) + +* Updated root certificate for PLGrid with corrected SAN extension (PL) + +Changes from 1.34 to 1.35 +------------------------- +(11 June 2010) + +* Updated root certificate for SRCE with new extensions and life time (HR) +* Updated root certificate for ROSA with new AKI extension and serial (RO) +* Removed obsoleted CAs from experimental area (US) + +Changes from 1.33 to 1.34 +------------------------- +(18 February 2010) + +* Corrected malformed EACL syntax in signing_policy for CESNET-Root-CA (CZ) + +Changes from 1.32 to 1.33 +------------------------- +(15 February 2010) + +* Added accredited MICS TCS eScience Personal CA and hierarchy (EU) +* Updated AustrianGrid root cert with extended life time (AT) +* Updated PolishGrid CA with new contact and extended root CA life time (PL) +* Removed expired CNRS-Grid-FR CA (has been superseded by CNRS2-Grid-FR) (FR) +* Removed obsolete CNRS, CNRS-Projets CA (superceded by CNRS2 hierarchy) (FR) +* Corrected namespaces file for BEGrid2008 (BE) +* Added comment line to REUNA CA signing_policy file (CL) +* Added new classic CESNET hierarchy "CESNET-CA-Root" and "CESNET-CA-3" (CZ) +* Updated (re-rooted) selected UNaccredited CAs in the "worthless" area + +Changes from 1.31 to 1.32 +------------------------- +(26 October 2009) + +* Updated country TLD in URLs and email for AEGIS CA (RS) +* Updated contact information for CALC CA (LV) +* Extended life time and updated profile or TR-Grid CA cert and CRL URL (TR) +* Updated and added references to CP and CPS documents for the following + authorities: HellasGrid (GR), ROSA (RO), DutchGrid (NL), IRAN-GRID (IR), + and BYGCA (BY) +* Withdrawn obsolete CAs SWITCH-Personal-2007, SwissSign-Root, SWITCH, + SwissSign-Bronze, SwissSign-Silver, SWITCH-Server-2007 (CH) +* Withdrawn expired and discontinued CA RMKI (HU) +* Added persistently-named links to pre-installed accredited bundles +* Added selected UNaccredited CAs to the "worthless" area + +Changes from 1.30 to 1.31 +------------------------- +(28 July 2009) + +* Removed expired root certificate for BEGrid (03aa0ecb) (BE) +* Removed expired and discontinued User and Server issuing CAs + for DFN (fe102e03 and 34f8e29c) (DE) + +Changes from 1.29 to 1.30 +------------------------- +(2 June 2009) + +* Updated contact meta-data for BYGCA, hash 709bed08 (BY) +* Updated URLs for DFN Grid PKI public web pages (DE) +* Added accredited NCSA GridShib SLCS CA (US) +* Added accredited DFN SLCS CA (DE) +* Added accredited TACC MICS CA (US) +* Added accredited SWITCH (QuoVadis anchored) CAs (CH) +* Added accredited FNAL-SLCS CA (US) + +Changes from 1.28 to 1.29 +------------------------- +(4 May 2009) + +* Restored NGO-Netrust CA (SG) +* Updated AIST Grid (CRL) URL metadata (JP) +* Added accredited MD-Grid CA with hash 9ff26ea4 (MD) +* Added accredited HKU Grid CA with hash 4798da47 (HK) +* Updated signing policy file of APAC Grid CA (AU) +* Added accredited classic BYGCA (Belarus) with hash 709bed08 (BY) +* Updated namespace for the APAC CA (AU, NZ) + +Changes from 1.27 to 1.28 +------------------------- +(10 March 2009) + +* Added accredited classic ULAGrid CA (VE) +* Added accredited TACC Root and TACC Classic CAs (US) +* Updated NERSC CRL URL download location (US) +* Updated DOEGrids CRL URL download location (US) +* Extended life time of NorduGrid CA (1f0e8352) (DK,SE,NO,FI,IS) +* Added SigmaNet CALG CA (LV) +* Updated AEGIS CA root certificate to reflect TLD name change (RS) +* Added CRL for SWITCH-SLCS issuing CA and updated CA cert (304cf809) (CH) +Other updates to miscellaneous CAs: +* Worthless CA for EGEE "GILDA" testbed added to 'worthless' section (EU) + +Changes from 1.26 to 1.27 +------------------------- +(30 January 2008) + +* Corrected signing namespace for BEGrid2008 CA (BE) +* Added NERSC SLCS CA (US) +* ASGCCA-2007 changed signature algorithm from MD5 to SHA1 (TW) +* Added new CNRS2 hierarchy: CNRS2 -> CNRS2-Projets -> CNRS2-Grid-FR (FR) +* Updated IUCC root certificate (IL) +* Obsoleted EstonianGrid CA (EE) + +Changes from 1.25 to 1.26 +------------------------- +(15 December 2008) + +* Added accredited classic Indian Grid CA (IGCA) (hash da75f6a8) (IN) +* Updated IUCC root certificate with extended life time (IL) +* Updated BEGrid (web, CRL) and UCSD-PRAGMA (web) URL metadata (BE, AP/US) +* New BEGrid2008 root certificate (transitional) (BE) +* Extended life time of the SEE-GRID CA (SEE) +* Included CRL for NCSA SLCS CA (US) +* Temporally removed NGO-Netrust CA (SG) +* Withdrawn expired old PK-Grid CA (d2a353a5, superseded by f5ead794) (PK) +* Experimentally added Texas Advanced Computer Center TACC Root, + Classic, and MICS CAs to the experimental area (US) + +Changes from 1.24 to 1.25 +------------------------- +(29 September 2008) + +* Added accredited classic NCHC CA (TW) +* Updated metadata for AIST GRID CA (JP) +* Updated AIST GRID CA (extended life time) based on same key pair (JP) +* Updated metadata for APAC Grid CA (AU) +* Updated metadata (CRL URL) for NGO-Netrust CA (SG) +* updates to CA contact data in info files (EU, multiple) +* updated certificates in the experimental or worthless areas (misc) + +Changes from 1.23 to 1.24 +------------------------- +(29 July 2008) + +* Withdrawn NCHC (hash 71a89a47) for urgent operational reasons (TW) + +Changes from 1.22 to 1.23 +------------------------- +(28 July 2008) + +* Updated metadata for CyGrid (CY), SlovakGrid (SK), Grid-FR (FR) + and NCSA-SLCS and MICS (US) +* Removed old UKeScienceRoot (8175c1cd) and UKeScience (adcbc9ef) + that were replaced in 2006 by updated root and issuing CAs (UK) +* Updated LIPCA certificate, based on same key pair (PT) +* Added accredited classic MREN CA (ME) +* Added NGO-Netrust (SG), PRAGMA-UCSD (PRAGMA), and NCHC (TW) + + +Changes from 1.21 to 1.22 +------------------------- +(09 June 2008) + +* updated extensions in PK-Grid-2007 root certificate (same keypair) (PK) +* added accredited classic CA Iran-Grid (hash ce33db76) (IR) +* withdrawn expired ASGCCA (hash a692434d) (TW) + +Changes from 1.20 to 1.21 +------------------------- +(16 May 2008) + +* IMPORTANT update of the UKeScience Root and Issuing CAs (UK) + + +Changes from 1.19 to 1.20 +------------------------- +(17 March 2008) + +* Added accredited classic MARGI CA (MK) +* Withdrawn expired SWITCH-Server-2006 and SWITCH-Personal-2006 CAs (CH) +* Corrected namespace syntax for SWITCHaai CA (CH) +* Updated namespace definitions in DFN GridGermany hierarchy (DE) +* Added dependency of TERENA-SCS on GTE-CyberTrust-Global-Root. Note that + neither the TERENA-SCS nor the GTE-CyberTrust-Global-Root are accredited. + +Changes from 1.18 to 1.19 +------------------------- +(31 January 2008) + +* Added PK-Grid-2007 Root CA certificate (will supersede d2a353a5) (PK) +* New contact email address for all PK-Grid CAs (PK) +* Updated and extended lifetime of ArmeSFo root cert with same keypair (AM) +* New CA certificate download locations for SwissSign CAs (CH) +* New classic CA UGRID (hash 0a12b607) for the Ukraine (UA) +* New classic CA UNAM-grid (hash 24c3ccde) for Mexico (MX) + +Changes from 1.17 to 1.18 +------------------------- +(16 November 2007) + +* ASGCCCA-2007 added to Accredited Classic set again (TW) +* Withdrawn expired CA "Spain" (hash 13eab55e) (ES) +* Withdrawn expired CA "SiGNET" (hash 747183a5) (SI) +* Withdrawn discontinued CA "CERN" (hash fa3af1d7) (INT) +* Updated SWITCH (classic) signing namespace policies (CH) +* Added UNLPGrid CA (classic, hash b7bcb7b2) (AR) +* Added MaGrid CA (classic, hash 7b54708e) (MA) +* New contact email address for the SlovakGrid CA (SK) +* New UK e-Science CA hierarchy "-2007" added (98ef0ee5 and 367b75c3) + Note: during the transition period, two hierarchies (both old and "2007") + will be distributed. See accompanying newsletter for details (UK) +* (selected updates to repositories containing un-accredited CAs) + +Changes from 1.16 to 1.17 +------------------------- +(8 October 2007) + +* Added new RomanianGRID CA classic authority (RO) +* Corrected several small typographic inconsistencies (DutchDemo, + apt/README.txt) +* Updates list of SWITCH eligible organisations (CH) +* New contact email addresses for the AustrianGrid CA (AT), + CNRS (FR) and IUCC (IL) +* BEGrid CA provides an http URL for CRL download (BE) +* Expired INFN (49f18420) CA withdrawn (IT) +* Updated ASGCCCA-2007 certificate extensions (TW) + +Changes from 1.15 to 1.16 +------------------------- +(8 August 2007) + +* A new profile for Member-Integrated Credential Services (MICS), has + been defined by the IGTF. A policy nstallation bundle for authorities + accredited under the MICS profile has been added to the distribution. + Please refer to the IGTF web site at http://www.gridpma.org/ for a + description of the MICS profile. +* Corrected namespaces for for APAC CA (AU) +* Added REUNA CA as a classic CA (CL) +* Added NCSA-MICS and NCSA-SLCS CAs (US) +* Added Ecole polytechnique federale de Lausanne to SWITCH namespace (CH) +* Added new KISTI (2007) classic CA (KR) +* Added Latin American and Caribbean Catch-all Grid CA (TAGPMA) +* Obsoleted expired UKeScience (01621954) Root CA (GB) +* Obsoleted expired HellasGrid-old (efe78092) Root CA (GR) +* some new roots added to the worthless area (these are not accredited CAs!) + +Changes from 1.14 to 1.15 +------------------------- +(9 July 2007) + +* Temporarily removed ASGCC CA 2007 root certificate (TW) + +Changes from 1.13 to 1.14 +------------------------- +(1 June 2007) + +* Discontinued the expired GridCanada-old CA with hash 5f54f417 (CA) +* APAC CA signing policy now als covers BeSTGRID in New Zealand (AU) +* AEGIS (Serbia) CA added (RS) +* New organisations added for SWITCH Classic CA (CH) +* DutchGrid robot certificates added to signing namespace (NL) +* Added CA with new keypair for ASGCC CA during roll-over "ASGCC-2007" (TW) + + +Changes from 1.12 to 1.13 +------------------------- +(11 March 2007) + +* Added BG.ACAD CA accredited under the classic profile (BG) +* Added SWITCHaai SLCS and (classic) Root CA (CH) + NOTE: the SWITCHaai SLCS CA is included in the ca_policy_igtf-slcs bundle +* Extended lifetime of CyGrid CA to 2013 based on same key pair (CY) +* Updated ArmeSFO CA root certificate following TACAR (AM) +* Discontinued old (pre-2004) LIP CA (PT) +* Extended lifetime of NorduGrid CA for 2 years (DK) +* Added TERENA SCS CA hierarchy to the "worthless" area. Please note + that the SCS CA has not been accredited yet (EU) + +Changes from 1.11 to 1.12 +------------------------- +(09 February 2007) + +* Extended life time of root certificate for SlovakGrid (SK) +* Obsoleted Russian DataGrid CA also in RPM updates (RU) +* Fixed SHA-1 finger print for new SiGNET CA (SI) +* Add NECTEC GOC CA (TH) +* Added SWITCH Personal and Server 2007 CAs, removed 2005 CAs (CH) +* Extended life time of root certificate for PolishGrid (PL) +* Changed CRL URL of the NAREGI CA from https to http (JP) + +Changes from 1.10 to 1.11 +------------------------- +(10 January 2007) + +* updated signing policy files for SWITCH CA (CH) +* change crl_url from https to http for KEK (JP) +* change crl_url from https to http for AIST (JP) +* extended lifetime of ESnet (+10y) and DoEGrids (+5y) CA certs (US/DoE) +* withdrawn Russian DataGrid CA (has been superseded by RDIG) (RU) + +Changes from 1.9 to 1.10 +------------------------ +(17 October 2006) + +* New public web page for the BEGrid CA in metadata info file (BE) +* New contact email addresses for: + HellasGrid and SEE-GRID (GR, SEE), INFN CA (IT), Grid-Ireland (IE), + DOEGrids CA (US/DOE), ASGCCA (TW), APAC (AU) +* New CERN CA added (root and on-line CA), managed by CERN IT/IS (CERN) +* New INFN CA issue 2006 to replace current one (expiring 2007) (IT) +* Retired SWITCH-SSSR hierarchy pending replacement of the tree (CH) +* Added new organisations to the SWITCH namespace (CH) +* Removed KISTI CA (KR) + +Changes from 1.8 to 1.9 +----------------------- +(11 September 2006) + +* New SiGNET CA (with 2048-bit key length) and new Subject DN (SI) +* New HellasGrid CA (both Root and EE) issue 2006 added (GR) +* Modified CINC Root and CINC SDC CA certificate extensions: + removed SubjectAltName and IssuerAltName. (CN) +* Updated extendedKeyUsage and nsCertType extension in AustrianGrid CA (AT) + +Changes from 1.7 to 1.8 +----------------------- +(07 August 2006) + +* added O=Universitaet St. Gallen to the list of SWITCH Organisations (CH) +* added newly accredited CINC Root CA and CINC SDC Grid CA (CN) +* added new root certificate for the NAREGI CA (JP) + +Changes from 1.6 to 1.7 +----------------------- +(24 July 2006) + +* removed CESNET-old from accredited list and obsoleted in RPM distribution +* Added new accredited SRCE (Croatia) classic CA +* Added new accredited BrGrid (Brazil) classic CA +* New root and online CA certificates for updated UKeScience CA + +Changes from 1.5 to 1.6 +----------------------- +(20 June 2006) + +* Removed NAREGI CA with too-short root certificate key length + +Changes from 1.4 to 1.5 +----------------------- +(19 June 2006) + +* new CRL download URL for the RDIG CA +* extended lifetime of root trust anchor for the GermanGrid CA (GridKa CA) + old expiration date: Jun 10 13:45:54 2007 GMT + new expiration date: Jun 10 13:45:54 2014 GMT +* extended lifetime of root trust anchor for the Grid-Ireland CA (TCD) + old expiration date: Jul 27 17:10:40 2007 GMT + new expiration date: Jul 27 17:10:40 2012 GMT +* ASGCC CA no longer authoritative for "/C=CN/O=IHEP/OU=CC/*" +* AIST CA updated with new X.509v3 extensions (same keypair) +* change in list of supported organisations for SWITCH CA (Switserland) + +Changes from 1.2 to 1.4 +----------------------- +(15 May 2006) + +* increased version number of the distribution by two to accomodate + RPM version inconsistencies in the release system of the LCG project +* Extended life time for the CA root certificate of the NorduGrid CA + +Changes from 1.1 to 1.2 +----------------------- +(13 Apr 2006) + +* new contact email address for KISTI CA +* consistent quote formatting for pkIRISgrid signing_policy file +* updated DutchDemo CA root certificate (in the worthless area) +* suspended SWITCH Silver-root based hierarchy, since CRLs are not ready +* added new organisation to the SWITCH namespace +* changed ArmeSFO CRL download location to new server +* new pkIRISGrid root certificate (same keypair) from TACAR added +* added extra double quotes to the UK eScience signing policy file + +Changes from 1.1 R1 to 1.1 R2 +----------------------------- +(22 Feb 2006) + +NOTE: THERE ARE NO CHANGES TO THE CONTENT IN THIS SUB-RELEASE +* Corrected typo in the obsoletion of the old ca_CNRS-DataGrid +* Improved understandability of the igtf-policy-installation-bundle + + +Changes from 1.0 to 1.1 +----------------------- +(20 Feb 2006) + +* Corrected malformed signing_policy file for CESNET-old +* New (generic) email address for the LIP and LIPCA CAs +* Expired Cygrid-old and CNRS-Datagrid CAs. The IGTF-classic + meta-RPM package implicitly obsoletes there two discontinued CAs +* Added alternative syntax for namespace constraints in .namespaces + files. See http://www.eugridpma.org/documentation/ for details +* Added pkIRISGrid CA as an accredited:classic CA +* Corrected SWITCH CA hierarchy, adding the SWITCH Server and Personal + CAs inbetween the SWITCH CA and the end-entities +* New 2006+ SWITCH Personal and Server CAs in the SwissSign Root-originating + hierarchy +* New SwissSign Silver-Root and hierarchy added +* New authorities from the APGridPMA: APAC GRID, KEK GRID, and NAREGI CA +* New GridCanada CA root, renamed the "5f54f417" CA to GridCanada-old +* New root cert (with same keypair) for the worthless DutchDemo CA +* Pre-installed CA tarballs added for the classic and SLCS profiles + +Changes from 0.32 to 1.0 +------------------------- +(25 October 2005) + +* IGTF policy metapackages replace EUGridPMA-only ones. The legacy + "ca_policy_eugridpma" RPMs now depend on their IGTF counterparts. The + EUGridPMA specific files will be withdrawn in a future release. +* New directory structure moves all data regarding accredited authorities + to the singe "accredited/" directory (including the policy meta-RPM) +* Tar-ball installation now supports multiple profiles and targets +* Meta-data (".info") for each CA added, and installed in trusted directory +* The "experimental" profile supercedes the "others/" area in the distribution + (note: this affects the FNAL_KCA, which will shortly be added as an + accredited authority under the new Short-Lived Credential Services profile) +* Discontinued authorities are no longer distributed +* Only accredited authority RPM packages are signed by the PMA's GPG key +* APGridPMA accreditations added: KISTI and AIST +* New EUGridPMA accreditations: TR-Grid and BalticGrid +* CRL URL for SiGNET changed to http instead of https +* Added compatibility namespace for NIIF "/C=HU/O=NIIF CA/OU=NIIF/OU=GRID/*" + +Changes from 0.31 to 0.32 +------------------------- +(23 August 2005) + +* Corrected namespace for the new CESNET CA +* New RDIG root certificate with a 2048 bit key length for increased + compatibility with existing software suites. + +Changes from 0.30 to 0.31 +------------------------- +(15 July 2005) + +* Corrected packaging problem which left RDIG out of accredited CA group +* renamed the "unknown/" directory to "discontinued/" +* Added explanatory text to the distribution regarding the "other/", + "worthless/" and "discontinued/" directories + + +Changes from 0.29 to 0.30 +------------------------- +(12 July 2005) + +* Added IHEP CA for China +* Added DFN GridGermany CA (Root, User and Server CAs) +* Added RDIG CA (will replace the Russian DataGrid CA) +* New namespace allocation for the IUCC CA: "/C=IL/O=IUCC/*" +* Added updated CESNET Root cert and renamed the old one to "CESNET-old" + for legacy compatibility. The new CESNET CA started operating on June 17th +* FNAL root CA service has been discontinued and thus removed from the + accredited list +* RPMs are now signed (experimentally) with PGP keyID 3CDBBC71. This key, + the "EUGridPMA Distribution Signing Key 3" can be obtained from the + popular PGP key servers, where it has been signed by the current PMA Chair, + David Groep. It can also be downloaded from the web distribution site: + GPG-KEY-EUGridPMA-RPM-3 + + +Changes from 0.28 to 0.29 +------------------------- +(27 April 2005) + +* New root certificate for the NIIF/Hungarnet CA, following the TACAR update +* Preliminary inclusion of the SWITCH CA certificates. Note that the + ordering of the components in the end-entity DN will currently prevent + the end-entity certs to be validated (this is being addressed by SwissSign) +* Modified layout of the tar distribution, in preparation for support of + multiple authentication profiles + +Changes from 0.27 to 0.28 +------------------------- +(6 April 2005) + +* Added the root certs for the newly accredited CAs "AustrianGrid" and + "NIIF/Hungarnet" +* updated signing policy file of SiGNET CA to handle new emailAddress + DN component name +* added "BalticGrid CA" in the "worthless" section, for experimentation + by AndersW +* UKeScience CA changed to SHA1 digest for the root certificate +* new CRL and CA URLs for both CyGrid CAs + +Changes from 0.26 to 0.27 +------------------------- +(22 February 2005) + +* added additional entry to UKeScience signing policy file to accomodate + openssl 0.9.7c rendering of emailAddress component in the subject DN +* updated DutchGrid CA cert from web site: extended lifetime to 2021 and + changed digest algorithm from MD5 to SHA1 +* added a tar-ball distribution with a configure scrfipt for convenience +* Removed DOESG-Root from the accredited CA list, as per request of of + the CA on January 28, 2005. There are no certs left issued by this CA. +* Added Grid-FR CA by CNRS, and extended the signing_policy file of the + associated CNRS-Projets CA. +* A new root certificate for the CyGrid CA (with a new subject name). The + old CyGrid CA has been moved to "-old". Both are in the accredited list. + The new CRL location has been added. + +Changes from 0.25 to 0.26 +------------------------- + +* Added KFKI-RMKI-CA for Hungary +* removed Spain-old + +Changes from 0.24 to 0.25 +------------------------- + +* Added the new Spain CA with hash 13eab55e and alias: Spain +* Rename the Spain CA to Spain-old (expires on 2004-11-12) + + +Changes from 0.23 to 0.24 +------------------------- + +* Added the Slovenian SiGNET CA with hash 747183a and alias: SiGNET +* Added the SEE-GRID CA with hash 468d15b3 and alias: SEE-GRID +* Added the Estonian Grid CA, with hash 566bf40f and + alias: EstonianGrid +* Added the updated LIP CA (called "LIPCA") with hash 11b4a5a2, which + will supercede the old one with hash 41380387. The "LIP" one + will remain in the repository will the end of 2005. +* Added RPM requirements that reflects CA chaining: + CNRS-Projects requires CNRS + CNRS-DataGrid requires CNRS-Projects + DOEGrids requires ESnet + +Changes from 0.22 to 0.23 +------------------------- + +* Added the root certificate for the PK-Grid CA, with MD5 fingerprint + 24:A0:A7:DD:46:1B:EB:AE:7F:33:CA:5F:FA:D7:37:F8 + + +Changes from 0.21 to 0.22 +------------------------- + +* A new root certificate for "Russia" (Russian DataGrid CA) has replaced + the one that was valid till July 18th, 2004. The old MD5 fingerprint was + AE:3D:F5:F2:DD:CF:B0:10:99:7A:6D:74:3C:FB:4A:22, the new one, valid till + July 19th, 2009 is: A4:56:E2:01:E6:DB:86:F6:FC:5B:E5:6C:9D:A5:E1:06. + The new root cert was received in an S/MIME signed message by Lev + Shamardin, signed with a personal cert issued by the old root. + The old root cert has been withdrawn from the package entirely. +* The BEGrid signing_policy is not resistant against the OpenSSL 0.9.6 to + 0.9.7 namechange in the emailAddress DN component. + +Changes from 0.20 to 0.21 +------------------------- + +* Added the IUCC and BEGrid root certs diff --git a/ports/igtf-certificates/files/LICENSE.txt b/ports/igtf-certificates/files/LICENSE.txt new file mode 100644 index 0000000..1ca841a --- /dev/null +++ b/ports/igtf-certificates/files/LICENSE.txt @@ -0,0 +1,41 @@ +Licensing + +The International Grid Trust Federation (IGTF) distributes or re- +distributes information and data related to the trust fabric. This +distribution contains information generated collectively, as well as +contributions by members and third parties. + +Trust Anchors are owned by the respective authorities or their +contractors, and are made available by their owners under the +Creative Common Attribution 3.0 "CC-BY-3.0" (unported) license +(http://creativecommons.org/licenses/by/3.0). + +The following trust anchor meta-data: 'info' meta-data file, crl-url +file, signing policy files, namespaces files, and the distribution +documentation (including change log and release notes) are owned +jointly and individually by the members of the Policy Management +Authorities participating in the International Grid Trust Federation. +These data are made available under the Creative Common Attribution +3.0 "CC-BY-3.0" (unported) license +(http://creativecommons.org/licenses/by/3.0). + +Selected trust anchors from third parties have been obtained from web +browser distributions by Mozilla and have been verified for +correctness with respect to their original versions. These portions +are reproduced without modification as part of this larger work, as +per the Mozilla Public License 1.1, section 2.1 sub a "MPL 1.1" +(http://www.mozilla.org/MPL/MPL-1.1.html). + +Unless specifically stated otherwise, these licenses extend solely to +the trust anchors and the directly associated meta-data listed above +and does not extend to the Certificate Policy (CP) document, the +Certificate Practice Statements (CPS), or any other documentation, +software, or services made available by the member authorities or +others. CP, CPS, and any other information provided is owned by the +respective members and subject to the license conditions stated +therein. + +Anyone using the Distribution is specifically reminded of sections 5 +and 6 of the CC-BY-3.0 license, as well as sections 7 and 9 of the +MPL 1.1. + diff --git a/ports/igtf-certificates/files/LICENSE_CC-BY-3.0.txt b/ports/igtf-certificates/files/LICENSE_CC-BY-3.0.txt new file mode 100644 index 0000000..1d658d6 --- /dev/null +++ b/ports/igtf-certificates/files/LICENSE_CC-BY-3.0.txt @@ -0,0 +1,319 @@ +Creative Commons Legal Code + +Attribution 3.0 Unported + + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE + LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES + REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR + DAMAGES RESULTING FROM ITS USE. + +License + +THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE +COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY +COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS +AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. + +BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE +TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY +BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS +CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND +CONDITIONS. + +1. Definitions + + a. "Adaptation" means a work based upon the Work, or upon the Work and + other pre-existing works, such as a translation, adaptation, + derivative work, arrangement of music or other alterations of a + literary or artistic work, or phonogram or performance and includes + cinematographic adaptations or any other form in which the Work may be + recast, transformed, or adapted including in any form recognizably + derived from the original, except that a work that constitutes a + Collection will not be considered an Adaptation for the purpose of + this License. For the avoidance of doubt, where the Work is a musical + work, performance or phonogram, the synchronization of the Work in + timed-relation with a moving image ("synching") will be considered an + Adaptation for the purpose of this License. + b. "Collection" means a collection of literary or artistic works, such as + encyclopedias and anthologies, or performances, phonograms or + broadcasts, or other works or subject matter other than works listed + in Section 1(f) below, which, by reason of the selection and + arrangement of their contents, constitute intellectual creations, in + which the Work is included in its entirety in unmodified form along + with one or more other contributions, each constituting separate and + independent works in themselves, which together are assembled into a + collective whole. A work that constitutes a Collection will not be + considered an Adaptation (as defined above) for the purposes of this + License. + c. "Distribute" means to make available to the public the original and + copies of the Work or Adaptation, as appropriate, through sale or + other transfer of ownership. + d. "Licensor" means the individual, individuals, entity or entities that + offer(s) the Work under the terms of this License. + e. "Original Author" means, in the case of a literary or artistic work, + the individual, individuals, entity or entities who created the Work + or if no individual or entity can be identified, the publisher; and in + addition (i) in the case of a performance the actors, singers, + musicians, dancers, and other persons who act, sing, deliver, declaim, + play in, interpret or otherwise perform literary or artistic works or + expressions of folklore; (ii) in the case of a phonogram the producer + being the person or legal entity who first fixes the sounds of a + performance or other sounds; and, (iii) in the case of broadcasts, the + organization that transmits the broadcast. + f. "Work" means the literary and/or artistic work offered under the terms + of this License including without limitation any production in the + literary, scientific and artistic domain, whatever may be the mode or + form of its expression including digital form, such as a book, + pamphlet and other writing; a lecture, address, sermon or other work + of the same nature; a dramatic or dramatico-musical work; a + choreographic work or entertainment in dumb show; a musical + composition with or without words; a cinematographic work to which are + assimilated works expressed by a process analogous to cinematography; + a work of drawing, painting, architecture, sculpture, engraving or + lithography; a photographic work to which are assimilated works + expressed by a process analogous to photography; a work of applied + art; an illustration, map, plan, sketch or three-dimensional work + relative to geography, topography, architecture or science; a + performance; a broadcast; a phonogram; a compilation of data to the + extent it is protected as a copyrightable work; or a work performed by + a variety or circus performer to the extent it is not otherwise + considered a literary or artistic work. + g. "You" means an individual or entity exercising rights under this + License who has not previously violated the terms of this License with + respect to the Work, or who has received express permission from the + Licensor to exercise rights under this License despite a previous + violation. + h. "Publicly Perform" means to perform public recitations of the Work and + to communicate to the public those public recitations, by any means or + process, including by wire or wireless means or public digital + performances; to make available to the public Works in such a way that + members of the public may access these Works from a place and at a + place individually chosen by them; to perform the Work to the public + by any means or process and the communication to the public of the + performances of the Work, including by public digital performance; to + broadcast and rebroadcast the Work by any means including signs, + sounds or images. + i. "Reproduce" means to make copies of the Work by any means including + without limitation by sound or visual recordings and the right of + fixation and reproducing fixations of the Work, including storage of a + protected performance or phonogram in digital form or other electronic + medium. + +2. Fair Dealing Rights. Nothing in this License is intended to reduce, +limit, or restrict any uses free from copyright or rights arising from +limitations or exceptions that are provided for in connection with the +copyright protection under copyright law or other applicable laws. + +3. License Grant. Subject to the terms and conditions of this License, +Licensor hereby grants You a worldwide, royalty-free, non-exclusive, +perpetual (for the duration of the applicable copyright) license to +exercise the rights in the Work as stated below: + + a. to Reproduce the Work, to incorporate the Work into one or more + Collections, and to Reproduce the Work as incorporated in the + Collections; + b. to create and Reproduce Adaptations provided that any such Adaptation, + including any translation in any medium, takes reasonable steps to + clearly label, demarcate or otherwise identify that changes were made + to the original Work. For example, a translation could be marked "The + original work was translated from English to Spanish," or a + modification could indicate "The original work has been modified."; + c. to Distribute and Publicly Perform the Work including as incorporated + in Collections; and, + d. to Distribute and Publicly Perform Adaptations. + e. For the avoidance of doubt: + + i. Non-waivable Compulsory License Schemes. In those jurisdictions in + which the right to collect royalties through any statutory or + compulsory licensing scheme cannot be waived, the Licensor + reserves the exclusive right to collect such royalties for any + exercise by You of the rights granted under this License; + ii. Waivable Compulsory License Schemes. In those jurisdictions in + which the right to collect royalties through any statutory or + compulsory licensing scheme can be waived, the Licensor waives the + exclusive right to collect such royalties for any exercise by You + of the rights granted under this License; and, + iii. Voluntary License Schemes. The Licensor waives the right to + collect royalties, whether individually or, in the event that the + Licensor is a member of a collecting society that administers + voluntary licensing schemes, via that society, from any exercise + by You of the rights granted under this License. + +The above rights may be exercised in all media and formats whether now +known or hereafter devised. The above rights include the right to make +such modifications as are technically necessary to exercise the rights in +other media and formats. Subject to Section 8(f), all rights not expressly +granted by Licensor are hereby reserved. + +4. Restrictions. The license granted in Section 3 above is expressly made +subject to and limited by the following restrictions: + + a. You may Distribute or Publicly Perform the Work only under the terms + of this License. You must include a copy of, or the Uniform Resource + Identifier (URI) for, this License with every copy of the Work You + Distribute or Publicly Perform. You may not offer or impose any terms + on the Work that restrict the terms of this License or the ability of + the recipient of the Work to exercise the rights granted to that + recipient under the terms of the License. You may not sublicense the + Work. You must keep intact all notices that refer to this License and + to the disclaimer of warranties with every copy of the Work You + Distribute or Publicly Perform. When You Distribute or Publicly + Perform the Work, You may not impose any effective technological + measures on the Work that restrict the ability of a recipient of the + Work from You to exercise the rights granted to that recipient under + the terms of the License. This Section 4(a) applies to the Work as + incorporated in a Collection, but this does not require the Collection + apart from the Work itself to be made subject to the terms of this + License. If You create a Collection, upon notice from any Licensor You + must, to the extent practicable, remove from the Collection any credit + as required by Section 4(b), as requested. If You create an + Adaptation, upon notice from any Licensor You must, to the extent + practicable, remove from the Adaptation any credit as required by + Section 4(b), as requested. + b. If You Distribute, or Publicly Perform the Work or any Adaptations or + Collections, You must, unless a request has been made pursuant to + Section 4(a), keep intact all copyright notices for the Work and + provide, reasonable to the medium or means You are utilizing: (i) the + name of the Original Author (or pseudonym, if applicable) if supplied, + and/or if the Original Author and/or Licensor designate another party + or parties (e.g., a sponsor institute, publishing entity, journal) for + attribution ("Attribution Parties") in Licensor's copyright notice, + terms of service or by other reasonable means, the name of such party + or parties; (ii) the title of the Work if supplied; (iii) to the + extent reasonably practicable, the URI, if any, that Licensor + specifies to be associated with the Work, unless such URI does not + refer to the copyright notice or licensing information for the Work; + and (iv) , consistent with Section 3(b), in the case of an Adaptation, + a credit identifying the use of the Work in the Adaptation (e.g., + "French translation of the Work by Original Author," or "Screenplay + based on original Work by Original Author"). The credit required by + this Section 4 (b) may be implemented in any reasonable manner; + provided, however, that in the case of a Adaptation or Collection, at + a minimum such credit will appear, if a credit for all contributing + authors of the Adaptation or Collection appears, then as part of these + credits and in a manner at least as prominent as the credits for the + other contributing authors. For the avoidance of doubt, You may only + use the credit required by this Section for the purpose of attribution + in the manner set out above and, by exercising Your rights under this + License, You may not implicitly or explicitly assert or imply any + connection with, sponsorship or endorsement by the Original Author, + Licensor and/or Attribution Parties, as appropriate, of You or Your + use of the Work, without the separate, express prior written + permission of the Original Author, Licensor and/or Attribution + Parties. + c. Except as otherwise agreed in writing by the Licensor or as may be + otherwise permitted by applicable law, if You Reproduce, Distribute or + Publicly Perform the Work either by itself or as part of any + Adaptations or Collections, You must not distort, mutilate, modify or + take other derogatory action in relation to the Work which would be + prejudicial to the Original Author's honor or reputation. Licensor + agrees that in those jurisdictions (e.g. Japan), in which any exercise + of the right granted in Section 3(b) of this License (the right to + make Adaptations) would be deemed to be a distortion, mutilation, + modification or other derogatory action prejudicial to the Original + Author's honor and reputation, the Licensor will waive or not assert, + as appropriate, this Section, to the fullest extent permitted by the + applicable national law, to enable You to reasonably exercise Your + right under Section 3(b) of this License (right to make Adaptations) + but not otherwise. + +5. Representations, Warranties and Disclaimer + +UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR +OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY +KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, +INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, +FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF +LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, +WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION +OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. + +6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE +LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR +ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES +ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS +BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +7. Termination + + a. This License and the rights granted hereunder will terminate + automatically upon any breach by You of the terms of this License. + Individuals or entities who have received Adaptations or Collections + from You under this License, however, will not have their licenses + terminated provided such individuals or entities remain in full + compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will + survive any termination of this License. + b. Subject to the above terms and conditions, the license granted here is + perpetual (for the duration of the applicable copyright in the Work). + Notwithstanding the above, Licensor reserves the right to release the + Work under different license terms or to stop distributing the Work at + any time; provided, however that any such election will not serve to + withdraw this License (or any other license that has been, or is + required to be, granted under the terms of this License), and this + License will continue in full force and effect unless terminated as + stated above. + +8. Miscellaneous + + a. Each time You Distribute or Publicly Perform the Work or a Collection, + the Licensor offers to the recipient a license to the Work on the same + terms and conditions as the license granted to You under this License. + b. Each time You Distribute or Publicly Perform an Adaptation, Licensor + offers to the recipient a license to the original Work on the same + terms and conditions as the license granted to You under this License. + c. If any provision of this License is invalid or unenforceable under + applicable law, it shall not affect the validity or enforceability of + the remainder of the terms of this License, and without further action + by the parties to this agreement, such provision shall be reformed to + the minimum extent necessary to make such provision valid and + enforceable. + d. No term or provision of this License shall be deemed waived and no + breach consented to unless such waiver or consent shall be in writing + and signed by the party to be charged with such waiver or consent. + e. This License constitutes the entire agreement between the parties with + respect to the Work licensed here. There are no understandings, + agreements or representations with respect to the Work not specified + here. Licensor shall not be bound by any additional provisions that + may appear in any communication from You. This License may not be + modified without the mutual written agreement of the Licensor and You. + f. The rights granted under, and the subject matter referenced, in this + License were drafted utilizing the terminology of the Berne Convention + for the Protection of Literary and Artistic Works (as amended on + September 28, 1979), the Rome Convention of 1961, the WIPO Copyright + Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 + and the Universal Copyright Convention (as revised on July 24, 1971). + These rights and subject matter take effect in the relevant + jurisdiction in which the License terms are sought to be enforced + according to the corresponding provisions of the implementation of + those treaty provisions in the applicable national law. If the + standard suite of rights granted under applicable copyright law + includes additional rights not granted under this License, such + additional rights are deemed to be included in the License; this + License is not intended to restrict the license of any rights under + applicable law. + + +Creative Commons Notice + + Creative Commons is not a party to this License, and makes no warranty + whatsoever in connection with the Work. Creative Commons will not be + liable to You or any party on any legal theory for any damages + whatsoever, including without limitation any general, special, + incidental or consequential damages arising in connection to this + license. Notwithstanding the foregoing two (2) sentences, if Creative + Commons has expressly identified itself as the Licensor hereunder, it + shall have all rights and obligations of Licensor. + + Except for the limited purpose of indicating to the public that the + Work is licensed under the CCPL, Creative Commons does not authorize + the use by either party of the trademark "Creative Commons" or any + related trademark or logo of Creative Commons without the prior + written consent of Creative Commons. Any permitted use will be in + compliance with Creative Commons' then-current trademark usage + guidelines, as may be published on its website or otherwise made + available upon request from time to time. For the avoidance of doubt, + this trademark restriction does not form part of this License. + + Creative Commons may be contacted at http://creativecommons.org/. diff --git a/ports/igtf-certificates/files/LICENSE_MPL-1.1.txt b/ports/igtf-certificates/files/LICENSE_MPL-1.1.txt new file mode 100644 index 0000000..a8cd934 --- /dev/null +++ b/ports/igtf-certificates/files/LICENSE_MPL-1.1.txt @@ -0,0 +1,470 @@ + MOZILLA PUBLIC LICENSE + Version 1.1 + + --------------- + +1. Definitions. + + 1.0.1. "Commercial Use" means distribution or otherwise making the + Covered Code available to a third party. + + 1.1. "Contributor" means each entity that creates or contributes to + the creation of Modifications. + + 1.2. "Contributor Version" means the combination of the Original + Code, prior Modifications used by a Contributor, and the Modifications + made by that particular Contributor. + + 1.3. "Covered Code" means the Original Code or Modifications or the + combination of the Original Code and Modifications, in each case + including portions thereof. + + 1.4. "Electronic Distribution Mechanism" means a mechanism generally + accepted in the software development community for the electronic + transfer of data. + + 1.5. "Executable" means Covered Code in any form other than Source + Code. + + 1.6. "Initial Developer" means the individual or entity identified + as the Initial Developer in the Source Code notice required by Exhibit + A. + + 1.7. "Larger Work" means a work which combines Covered Code or + portions thereof with code not governed by the terms of this License. + + 1.8. "License" means this document. + + 1.8.1. "Licensable" means having the right to grant, to the maximum + extent possible, whether at the time of the initial grant or + subsequently acquired, any and all of the rights conveyed herein. + + 1.9. "Modifications" means any addition to or deletion from the + substance or structure of either the Original Code or any previous + Modifications. When Covered Code is released as a series of files, a + Modification is: + A. Any addition to or deletion from the contents of a file + containing Original Code or previous Modifications. + + B. Any new file that contains any part of the Original Code or + previous Modifications. + + 1.10. "Original Code" means Source Code of computer software code + which is described in the Source Code notice required by Exhibit A as + Original Code, and which, at the time of its release under this + License is not already Covered Code governed by this License. + + 1.10.1. "Patent Claims" means any patent claim(s), now owned or + hereafter acquired, including without limitation, method, process, + and apparatus claims, in any patent Licensable by grantor. + + 1.11. "Source Code" means the preferred form of the Covered Code for + making modifications to it, including all modules it contains, plus + any associated interface definition files, scripts used to control + compilation and installation of an Executable, or source code + differential comparisons against either the Original Code or another + well known, available Covered Code of the Contributor's choice. The + Source Code can be in a compressed or archival form, provided the + appropriate decompression or de-archiving software is widely available + for no charge. + + 1.12. "You" (or "Your") means an individual or a legal entity + exercising rights under, and complying with all of the terms of, this + License or a future version of this License issued under Section 6.1. + For legal entities, "You" includes any entity which controls, is + controlled by, or is under common control with You. For purposes of + this definition, "control" means (a) the power, direct or indirect, + to cause the direction or management of such entity, whether by + contract or otherwise, or (b) ownership of more than fifty percent + (50%) of the outstanding shares or beneficial ownership of such + entity. + +2. Source Code License. + + 2.1. The Initial Developer Grant. + The Initial Developer hereby grants You a world-wide, royalty-free, + non-exclusive license, subject to third party intellectual property + claims: + (a) under intellectual property rights (other than patent or + trademark) Licensable by Initial Developer to use, reproduce, + modify, display, perform, sublicense and distribute the Original + Code (or portions thereof) with or without Modifications, and/or + as part of a Larger Work; and + + (b) under Patents Claims infringed by the making, using or + selling of Original Code, to make, have made, use, practice, + sell, and offer for sale, and/or otherwise dispose of the + Original Code (or portions thereof). + + (c) the licenses granted in this Section 2.1(a) and (b) are + effective on the date Initial Developer first distributes + Original Code under the terms of this License. + + (d) Notwithstanding Section 2.1(b) above, no patent license is + granted: 1) for code that You delete from the Original Code; 2) + separate from the Original Code; or 3) for infringements caused + by: i) the modification of the Original Code or ii) the + combination of the Original Code with other software or devices. + + 2.2. Contributor Grant. + Subject to third party intellectual property claims, each Contributor + hereby grants You a world-wide, royalty-free, non-exclusive license + + (a) under intellectual property rights (other than patent or + trademark) Licensable by Contributor, to use, reproduce, modify, + display, perform, sublicense and distribute the Modifications + created by such Contributor (or portions thereof) either on an + unmodified basis, with other Modifications, as Covered Code + and/or as part of a Larger Work; and + + (b) under Patent Claims infringed by the making, using, or + selling of Modifications made by that Contributor either alone + and/or in combination with its Contributor Version (or portions + of such combination), to make, use, sell, offer for sale, have + made, and/or otherwise dispose of: 1) Modifications made by that + Contributor (or portions thereof); and 2) the combination of + Modifications made by that Contributor with its Contributor + Version (or portions of such combination). + + (c) the licenses granted in Sections 2.2(a) and 2.2(b) are + effective on the date Contributor first makes Commercial Use of + the Covered Code. + + (d) Notwithstanding Section 2.2(b) above, no patent license is + granted: 1) for any code that Contributor has deleted from the + Contributor Version; 2) separate from the Contributor Version; + 3) for infringements caused by: i) third party modifications of + Contributor Version or ii) the combination of Modifications made + by that Contributor with other software (except as part of the + Contributor Version) or other devices; or 4) under Patent Claims + infringed by Covered Code in the absence of Modifications made by + that Contributor. + +3. Distribution Obligations. + + 3.1. Application of License. + The Modifications which You create or to which You contribute are + governed by the terms of this License, including without limitation + Section 2.2. The Source Code version of Covered Code may be + distributed only under the terms of this License or a future version + of this License released under Section 6.1, and You must include a + copy of this License with every copy of the Source Code You + distribute. You may not offer or impose any terms on any Source Code + version that alters or restricts the applicable version of this + License or the recipients' rights hereunder. However, You may include + an additional document offering the additional rights described in + Section 3.5. + + 3.2. Availability of Source Code. + Any Modification which You create or to which You contribute must be + made available in Source Code form under the terms of this License + either on the same media as an Executable version or via an accepted + Electronic Distribution Mechanism to anyone to whom you made an + Executable version available; and if made available via Electronic + Distribution Mechanism, must remain available for at least twelve (12) + months after the date it initially became available, or at least six + (6) months after a subsequent version of that particular Modification + has been made available to such recipients. You are responsible for + ensuring that the Source Code version remains available even if the + Electronic Distribution Mechanism is maintained by a third party. + + 3.3. Description of Modifications. + You must cause all Covered Code to which You contribute to contain a + file documenting the changes You made to create that Covered Code and + the date of any change. You must include a prominent statement that + the Modification is derived, directly or indirectly, from Original + Code provided by the Initial Developer and including the name of the + Initial Developer in (a) the Source Code, and (b) in any notice in an + Executable version or related documentation in which You describe the + origin or ownership of the Covered Code. + + 3.4. Intellectual Property Matters + (a) Third Party Claims. + If Contributor has knowledge that a license under a third party's + intellectual property rights is required to exercise the rights + granted by such Contributor under Sections 2.1 or 2.2, + Contributor must include a text file with the Source Code + distribution titled "LEGAL" which describes the claim and the + party making the claim in sufficient detail that a recipient will + know whom to contact. If Contributor obtains such knowledge after + the Modification is made available as described in Section 3.2, + Contributor shall promptly modify the LEGAL file in all copies + Contributor makes available thereafter and shall take other steps + (such as notifying appropriate mailing lists or newsgroups) + reasonably calculated to inform those who received the Covered + Code that new knowledge has been obtained. + + (b) Contributor APIs. + If Contributor's Modifications include an application programming + interface and Contributor has knowledge of patent licenses which + are reasonably necessary to implement that API, Contributor must + also include this information in the LEGAL file. + + (c) Representations. + Contributor represents that, except as disclosed pursuant to + Section 3.4(a) above, Contributor believes that Contributor's + Modifications are Contributor's original creation(s) and/or + Contributor has sufficient rights to grant the rights conveyed by + this License. + + 3.5. Required Notices. + You must duplicate the notice in Exhibit A in each file of the Source + Code. If it is not possible to put such notice in a particular Source + Code file due to its structure, then You must include such notice in a + location (such as a relevant directory) where a user would be likely + to look for such a notice. If You created one or more Modification(s) + You may add your name as a Contributor to the notice described in + Exhibit A. You must also duplicate this License in any documentation + for the Source Code where You describe recipients' rights or ownership + rights relating to Covered Code. You may choose to offer, and to + charge a fee for, warranty, support, indemnity or liability + obligations to one or more recipients of Covered Code. However, You + may do so only on Your own behalf, and not on behalf of the Initial + Developer or any Contributor. You must make it absolutely clear than + any such warranty, support, indemnity or liability obligation is + offered by You alone, and You hereby agree to indemnify the Initial + Developer and every Contributor for any liability incurred by the + Initial Developer or such Contributor as a result of warranty, + support, indemnity or liability terms You offer. + + 3.6. Distribution of Executable Versions. + You may distribute Covered Code in Executable form only if the + requirements of Section 3.1-3.5 have been met for that Covered Code, + and if You include a notice stating that the Source Code version of + the Covered Code is available under the terms of this License, + including a description of how and where You have fulfilled the + obligations of Section 3.2. The notice must be conspicuously included + in any notice in an Executable version, related documentation or + collateral in which You describe recipients' rights relating to the + Covered Code. You may distribute the Executable version of Covered + Code or ownership rights under a license of Your choice, which may + contain terms different from this License, provided that You are in + compliance with the terms of this License and that the license for the + Executable version does not attempt to limit or alter the recipient's + rights in the Source Code version from the rights set forth in this + License. If You distribute the Executable version under a different + license You must make it absolutely clear that any terms which differ + from this License are offered by You alone, not by the Initial + Developer or any Contributor. You hereby agree to indemnify the + Initial Developer and every Contributor for any liability incurred by + the Initial Developer or such Contributor as a result of any such + terms You offer. + + 3.7. Larger Works. + You may create a Larger Work by combining Covered Code with other code + not governed by the terms of this License and distribute the Larger + Work as a single product. In such a case, You must make sure the + requirements of this License are fulfilled for the Covered Code. + +4. Inability to Comply Due to Statute or Regulation. + + If it is impossible for You to comply with any of the terms of this + License with respect to some or all of the Covered Code due to + statute, judicial order, or regulation then You must: (a) comply with + the terms of this License to the maximum extent possible; and (b) + describe the limitations and the code they affect. Such description + must be included in the LEGAL file described in Section 3.4 and must + be included with all distributions of the Source Code. Except to the + extent prohibited by statute or regulation, such description must be + sufficiently detailed for a recipient of ordinary skill to be able to + understand it. + +5. Application of this License. + + This License applies to code to which the Initial Developer has + attached the notice in Exhibit A and to related Covered Code. + +6. Versions of the License. + + 6.1. New Versions. + Netscape Communications Corporation ("Netscape") may publish revised + and/or new versions of the License from time to time. Each version + will be given a distinguishing version number. + + 6.2. Effect of New Versions. + Once Covered Code has been published under a particular version of the + License, You may always continue to use it under the terms of that + version. You may also choose to use such Covered Code under the terms + of any subsequent version of the License published by Netscape. No one + other than Netscape has the right to modify the terms applicable to + Covered Code created under this License. + + 6.3. Derivative Works. + If You create or use a modified version of this License (which you may + only do in order to apply it to code which is not already Covered Code + governed by this License), You must (a) rename Your license so that + the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape", + "MPL", "NPL" or any confusingly similar phrase do not appear in your + license (except to note that your license differs from this License) + and (b) otherwise make it clear that Your version of the license + contains terms which differ from the Mozilla Public License and + Netscape Public License. (Filling in the name of the Initial + Developer, Original Code or Contributor in the notice described in + Exhibit A shall not of themselves be deemed to be modifications of + this License.) + +7. DISCLAIMER OF WARRANTY. + + COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, + WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF + DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. + THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE + IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, + YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE + COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER + OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF + ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. + +8. TERMINATION. + + 8.1. This License and the rights granted hereunder will terminate + automatically if You fail to comply with terms herein and fail to cure + such breach within 30 days of becoming aware of the breach. All + sublicenses to the Covered Code which are properly granted shall + survive any termination of this License. Provisions which, by their + nature, must remain in effect beyond the termination of this License + shall survive. + + 8.2. If You initiate litigation by asserting a patent infringement + claim (excluding declatory judgment actions) against Initial Developer + or a Contributor (the Initial Developer or Contributor against whom + You file such action is referred to as "Participant") alleging that: + + (a) such Participant's Contributor Version directly or indirectly + infringes any patent, then any and all rights granted by such + Participant to You under Sections 2.1 and/or 2.2 of this License + shall, upon 60 days notice from Participant terminate prospectively, + unless if within 60 days after receipt of notice You either: (i) + agree in writing to pay Participant a mutually agreeable reasonable + royalty for Your past and future use of Modifications made by such + Participant, or (ii) withdraw Your litigation claim with respect to + the Contributor Version against such Participant. If within 60 days + of notice, a reasonable royalty and payment arrangement are not + mutually agreed upon in writing by the parties or the litigation claim + is not withdrawn, the rights granted by Participant to You under + Sections 2.1 and/or 2.2 automatically terminate at the expiration of + the 60 day notice period specified above. + + (b) any software, hardware, or device, other than such Participant's + Contributor Version, directly or indirectly infringes any patent, then + any rights granted to You by such Participant under Sections 2.1(b) + and 2.2(b) are revoked effective as of the date You first made, used, + sold, distributed, or had made, Modifications made by that + Participant. + + 8.3. If You assert a patent infringement claim against Participant + alleging that such Participant's Contributor Version directly or + indirectly infringes any patent where such claim is resolved (such as + by license or settlement) prior to the initiation of patent + infringement litigation, then the reasonable value of the licenses + granted by such Participant under Sections 2.1 or 2.2 shall be taken + into account in determining the amount or value of any payment or + license. + + 8.4. In the event of termination under Sections 8.1 or 8.2 above, + all end user license agreements (excluding distributors and resellers) + which have been validly granted by You or any distributor hereunder + prior to termination shall survive termination. + +9. LIMITATION OF LIABILITY. + + UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT + (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL + DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, + OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR + ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY + CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, + WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER + COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN + INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF + LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY + RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW + PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE + EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO + THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. + +10. U.S. GOVERNMENT END USERS. + + The Covered Code is a "commercial item," as that term is defined in + 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer + software" and "commercial computer software documentation," as such + terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 + C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), + all U.S. Government End Users acquire Covered Code with only those + rights set forth herein. + +11. MISCELLANEOUS. + + This License represents the complete agreement concerning subject + matter hereof. If any provision of this License is held to be + unenforceable, such provision shall be reformed only to the extent + necessary to make it enforceable. This License shall be governed by + California law provisions (except to the extent applicable law, if + any, provides otherwise), excluding its conflict-of-law provisions. + With respect to disputes in which at least one party is a citizen of, + or an entity chartered or registered to do business in the United + States of America, any litigation relating to this License shall be + subject to the jurisdiction of the Federal Courts of the Northern + District of California, with venue lying in Santa Clara County, + California, with the losing party responsible for costs, including + without limitation, court costs and reasonable attorneys' fees and + expenses. The application of the United Nations Convention on + Contracts for the International Sale of Goods is expressly excluded. + Any law or regulation which provides that the language of a contract + shall be construed against the drafter shall not apply to this + License. + +12. RESPONSIBILITY FOR CLAIMS. + + As between Initial Developer and the Contributors, each party is + responsible for claims and damages arising, directly or indirectly, + out of its utilization of rights under this License and You agree to + work with Initial Developer and Contributors to distribute such + responsibility on an equitable basis. Nothing herein is intended or + shall be deemed to constitute any admission of liability. + +13. MULTIPLE-LICENSED CODE. + + Initial Developer may designate portions of the Covered Code as + "Multiple-Licensed". "Multiple-Licensed" means that the Initial + Developer permits you to utilize portions of the Covered Code under + Your choice of the MPL or the alternative licenses, if any, specified + by the Initial Developer in the file described in Exhibit A. + +EXHIBIT A -Mozilla Public License. + + ``The contents of this file are subject to the Mozilla Public License + Version 1.1 (the "License"); you may not use this file except in + compliance with the License. You may obtain a copy of the License at + http://www.mozilla.org/MPL/ + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the + License for the specific language governing rights and limitations + under the License. + + The Original Code is ______________________________________. + + The Initial Developer of the Original Code is ________________________. + Portions created by ______________________ are Copyright (C) ______ + _______________________. All Rights Reserved. + + Contributor(s): ______________________________________. + + Alternatively, the contents of this file may be used under the terms + of the _____ license (the "[___] License"), in which case the + provisions of [______] License are applicable instead of those + above. If you wish to allow use of your version of this file only + under the terms of the [____] License and not to allow others to use + your version of this file under the MPL, indicate your decision by + deleting the provisions above and replace them with the notice and + other provisions required by the [___] License. If you do not delete + the provisions above, a recipient may use your version of this file + under either the MPL or the [___] License." + + [NOTE: The text of this Exhibit A may differ slightly from the text of + the notices in the Source Code files of the Original Code. You should + use the text of this Exhibit A rather than the text found in the + Original Code Source Code for Your Modifications.] +