Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: igtf-policy-bundle@packages.debian.org
Control: affects -1 + src:igtf-policy-bundle
[ Reason ]
The IGTF bundle provides important trust anchors for the Research and
Education communities. Both for reliance on the identity of servers
for compute and storage services, as well as user identification based
on personal certificates.
A recent change in the rules for S/MIME certificates[1] has urged a
change in the profiles for end user and robot certificates, effectively
by 28 August 2023. Relying parties who need to authenticate users
should install this update as soon as possible.
1. https://cabforum.org/smime-br/
More details about the change can be found on the web page of the upstream
maintainer[2].
2.
https://www.nikhef.nl/~davidg/tcsg4/GEANT-TCSG4-private-CA-extension-20230712.pdf
[ Impact ]
Normally I would not propose to update the package in Debian stable but
this change may break authentication for some users. They could install
the package
from unstable or backports (if available).
[ Tests ]
I normally install the packages on my own systems to try out that they work.
Since the deployment is relatively straightforward there is rarely an issue.
[ Risks ]
There are no code changes between versions, it should be safe (in fact,
recommended)
to always install the latest version of the bundle.
[ Checklist ]
[*] *all* changes are documented in the d/changelog
[*] I reviewed all changes and I approve them
[*] attach debdiff against the package in (old)stable
[ ] the issue is verified as fixed in unstable
[ Changes ]
See the upstream CHANGES file (or d/changelog).
Reply to: