We are working hard to provide you with the latest versions of individual packages in the VDT. VDT 1.3.0 is based on the pre-web services components of the newer Globus 3.2 series. We have retained some of the 1.2 series patches in VDT 1.3.0 and included a couple of new patches.
However, a small change in GSI will impact some users. Previous versions of GSI were based on the OpenSSL 0.9.6 series. Globus 3.2 has switched to OpenSSL 0.9.7. While this upgrade brings additional security, it will also change how some certificate DNs are reported. This only applies to you if the subject of your certificate, the host certificate of a grid resource you use or the certificate of the CA that signed one contains an email address. This will effect the following CAs distributed by the VDT:
C=UK, O=eScience, OU=Authority, CN=CA/Emailfirstname.lastname@example.orgIn Globus 3.2 this becomes:
C=UK, O=eScience, OU=Authority, CN=CA/emailAddressemail@example.com
Problems caused by remote host certificates or signing CAs can be fixed by using the CA-Certificates package provided by VDT 1.3.0. However, those same certs can not be used by Globus 2.4 clients.
If your grid-mapfile contains any certificates with email addresses in their subject you'll need to change Email= to emailAddress= after upgrading to Globus 3.2.