[TriLUG] CACert
Hadrian Zbarcea
hzbarcea at gmail.com
Tue Dec 2 08:11:41 EST 2008
I am interested in joining too. I used to use thawte ages ago, for
the web of trust they had a system based on notaries similar to
yours. I know a few people who use cacert. I'd love to see it
growing and being approved by the major browser vendors.
Cheers
Hadrian
On Dec 2, 2008, at 12:05 AM, Brian McCullough wrote:
> On Mon, Dec 01, 2008 at 11:12:16PM -0500, Kristopher Kane wrote:
>> I am interested in this topic but know little about it. What
>> exactly will
>> be certified and does being a member mean you have your own
>> certificate,
>> vouched for by CACert?
>
> You're right, Cristobal, we need to do this again.
>
>
> Kristopher,
>
> CACert is a Certificate Authority, just ( sort of ) like Thawte,
> Verisign and RSA ( or at least parts of their businesses ).
>
> The difference ( or at least one important difference ) is that CACert
> is operated along the principles of Open Source, and is a non-profit
> organization.
>
> By becoming a member of the CACert Community, you may participate in
> the
> organization with all of the appropriate rights and responsibilities.
> One of those rights is the ability to have issued X.509 Certificates,
> which you can then install into Thunderbird or Firefox to sign and
> encrypt e-mail or identify yourself to web sites.
>
> The Assurer process requires that two or three different people
> examine
> your identification information, applying certain criteria, and
> awarding
> you points which, once you have accumulated the required number,
> allows
> you to have a certificate that contains your own name, rather than,
> for
> instance, Thawte's "Free E-Mail Certificate", which has that as the
> owner's name, as well.
>
> If you want to continue and acquire more points, and after passing an
> on-line examination, you can become an Assurer, yourself, and
> similarly
> Assure other people that you meet. This Web Of Trust, like Thawte's
> and
> PGP's, allow for the "organic" growth of the network.
>
> Over the past three years or so, CACert has grown from the "one man
> show" that it began as, to a formal, professionally-run organization
> that it needs to be to operate in this world. Unlike some Open Source
> operations, organizations, or projects, CACert needs to fulfil certain
> formal requirements to be allowed to "play" in the big leagues. An
> early goal was to be included in the approved Root CA list found in
> Firefox and other Mozilla products. To do so, CACert had to pass an
> audit, as required by Mozilla. Other browser manufacturers had
> similar
> requirements. Unlike many Open Source projects, where you just throw
> the code out and hope somebody likes it enough to join you, this
> required a more professional approach, which the CACert Boards found
> to
> their dismay.
>
>
> The very long history of this struggle can be found in the link from
> Ian
> Grigg, who was assigned the job of Auditor. However, finally, things
> are progressing well, and success in the Audit process seems possible.
> The servers that support CACert have found a secure, professional home
> in the Netherlands, and there is a new Board and policies in place.
> For
> those who have an interest in the processes of documentation and
> regulation ( some of our people in The Park -- particularly in
> FDA-regulated industries -- may be familiar with these processes ),
> there is a mailing list where all discussions regarding the new
> policies
> and procedures take place. The new re-organization allows all members
> to participate in the policy-creation process.
>
>
> Anyway, I have rambled on long enough for this message.
>
>
> Feel free to look around the CACert web site, and, if you like, you
> can
> take the first step by joining.
>
>
> Brian
>
>
>
>
>>
>> -kkane
>> --
>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG
mailing list