The CILogon Service has now officially entered operation at https://cilogon.org. The service provides certificates to researchers for accessing NSF cyberinfrastructure (CI). It relies on the researcher's home organization, through the InCommon federation, to authenticate the researcher and provide the researcher's identity for inclusion in the certificate. We are working to support more InCommon member organizations, integrate with CI providers, and improve the usability and functionality of the service. Please contact us at help@cilogon.org to learn more and/or to give your suggestions for improvement.

The Federated Identity for CyberInfrastructure workshop, to be held November 4th and 5th at the 2010 Internet2 Fall Member Meeting in Atlanta, Georgia, will bring together campus identity providers and both users and providers of research cyberinfrastructure to discuss requirements, challenges, and approaches for using federated identity to access cyberinfrastructure (such as TeraGrid). We will discuss how federated identity is currently being used in different cyberinfrastructures, as well as plans and requirements for future use. We invite broad participation and do not limit our focus exclusively to National Science Foundation cyberinfrastructure. For more information, please visit http://workshops.cilogon.org/2010.

Internet2 and InCommon announced the availability of the InCommon Certificate Service at the Spring 2010 Internet2 Member Meeting. The InCommon Certificate Service will provide the U.S. higher education community with unlimited server and personal certificates at a low, fixed fee. This new service is modeled on the successful TERENA Certificate Service in Europe. Initially, authentication to the InCommon Certificate Service will not rely on the InCommon SAML Federation, in contrast to the CILogon Service which will issue certificates based on InCommon federated, campus-based authentication. CILogon project staff will continue to work collaboratively with InCommon to ensure that the certificate services available to InCommon members meet the variety of requirements of our community.

The Symposium on Authentication Technologies for Research and Education will be held Monday, October 4 on the campus of Texas Tech University in Lubbock, Texas, to be followed immediately by the associated 5th anniversary celebration and meeting of the International Grid Trust Federation and The Americas Grid Policy Management Authority October 5-7. The symposium and subsequent 5th anniversary celebration will be held at the International Cultural Center on the grounds of Texas Tech University, near the TTU Museum and National Ranching Heritage Center. This top-notch facility will provide an appropriate setting to recognize and commemorate the value to international research provided by TAGPMA and the other member authorities of the IGTF since its formation in October 2005. Please mark your calendars and consider participating in this meeting. See the call for presentation abstracts and meeting registration details.

Globus Toolkit 5.0.1 and later are compatible with the recently released OpenSSL 1.0.0. However, an interface change in OpenSSL 1.0.0 impacts the Globus Toolkit Grid Security Infrastructure (GSI). Specifically, OpenSSL 1.0.0 changes the hash format used for naming certificate directory files (CA certificates and CRLs). OpenSSL 1.0.0 and later will locate certificate directory files using the new hash values, while older OpenSSL versions will locate certificate directory files using the old hash values. If the Globus Toolkit components that use OpenSSL can not locate the certificate directory files, GSI authentication will fail. We've created a web page to document OpenSSL 1.0.0 compatibility information at http://www.cilogon.org/openssl1. It includes links to tools for updating certificate directory file hashes, documents details of how components like MyProxy and Simple CA are impacted, and lists error messages and explanations. If you have any suggestions for improving this page, please let us know!

MyProxy 0.1 was released April 3, 2000. Over the past 10 years, the MyProxy project has released more than 50 versions of the MyProxy software containing contributions from developers around the world. A project timeline on the MyProxy web site shows some of the significant project milestones to date.

Jim Basney will present a poster about the CILogon Service at the Spring 2010 Internet2 Member Meeting (April 26-28 in Arlington, VA). If you are attending, please stop by during the poster sessions to say hello. Registration for the meeting is now open. The meeting program will include many interesting topics, including Identity Management for the LIGO Project, the CIC InCommon Silver Project, and PKI.

MyProxy 5.1 and GSI-OpenSSH 5.0 were released today, for inclusion in version 5.0.1 of the Globus Toolkit. These releases add usage reporting functionality from the Globus Metrics project to help the CILogon project collect generic statistics about use of the software, for reporting to the National Science Foundation, which provides funding for the CILogon project. The releases also include fixes for bugs reported by MyProxy and GSI-OpenSSH users.

GridShib-CA allows a user to authenticate using Shibboleth or OpenID and then creates and installs a short-lived grid credential based on that authentication on the user's local system. Version 2.0.0 improves on the previous release by adding support for OpenID and an open architecture that allows developers to extend functionality. For more details, see the release announcement.

Jim Basney will be presenting updates from the CILogon project at GlobusWorld 2010, to be held March 2-4 at Argonne National Laboratory. His slides will be available from the CILogon Documents page.