[TriLUG] To CAcert or Not To CAcert?

Brian McCullough via TriLUG trilug at trilug.org
Thu Mar 15 12:43:39 EDT 2018


Since there are quite a few on this list who have either performed
CAcert Assurances or had one performed for themselves, I thought that I
would ask where the wind was blowing these days.  I might ramble, so
please bear with me.



For the people who aren't aware, I will quote from the website:
cacert.org:

=====

CAcert.org is a community-driven Certificate Authority that issues
certificates to the public at large for free.

CAcert's goal is to promote awareness and education on computer security
through the use of encryption, specifically by providing cryptographic
certificates. These certificates can be used to digitally sign and
encrypt email, authenticate and authorize users connecting to websites
and secure data transmission over the internet. Any application that
supports the Secure Socket Layer Protocol (SSL or TLS) can make use of
certificates signed by CAcert, as can any application that uses X.509
certificates, e.g. for encryption or code signing and document
signatures.

=====

There are effectively two levels of membership in CAcert.  The first is
membership in the Community, which gives you the ability to create and
use X.509 certificates issued by CAcert on your behalf.  Beyond that,
Community Members may voluntarily assist with donations of money, time
or goods, because there is always work to be done and expenses to be
paid.   For instance, all Community Members are automatically members of
the Policy Committee, and may participate in discussions and votes on
the Policies of CAcert, as they choose.

The second level of membership is that of Membership in CAcert, Inc.,
the non-profit organization that manages the assets and operations of
CAcert, and was formed fifteen years ago.  Membership involves an
application and a nominal annual fee, and allows voting in the Annual
General Meeting and other such meetings.  That membership also allows
membership in the Board of Directors.


OK, now that I have discussed some history and background, I want to ask
my question, for both the people who have participated or are currently
participating in CAcert in some way, and for those who have not.

Considering that there are services such as Let's Encrypt, which offers
an X.509 Certificate for "free" to anyone, for a short, renwable,
period, is CAcert's Web of Trust, Community and independence from
commercial Certificate Authorities such as Verisign, still attractive to
the TriLUG community and the world at large?


I look forward to a lively discussion, as we frequently have here.



Thank you,
Brian



More information about the TriLUG mailing list