Updates for blog and bugs

We just updated some of our servers to the latest updates:

https://blog.cacert.org/ to the latest WordPress-release.

https://bugs.cacert.org/ to the latest mantis-release.

Furthermore the client certificate login on https://bugs.cacert.org was activated by today for Class-3 certificates. To login you have to enter your username or email-adress of your mantis-account.

Trying to login to https://bugs.cacert.org/ using an unknown email-adress will NOT create a new account: You have to create an account first using the email-adress, which is listed in your client certificate. If you already have an account at https://bugs.cacert.org/ you may change the email-adress of your account to the first email-adress in your client-certificate.

If the certificate-authentication fails (no matter, if you use no client certificate, an expired one or a certificate, which does not match your email-adress) you can use the normal “classic” username/password-credentials to login.

If you try to use a Class-1-client certificate, you currently will may probably receive an error-message like “ERR_BAD_SSL_CLIENT_AUTH_CERT”. In this case please login without a client certificate or create a Class-3-certificate.

In case you face any issues don’t hesitate to contact us for help.

Kind regards,

dirk astrath (CAcert blog admin/CAcert software assessor)

Certificate Login for CAcert wiki

Within the last days I ran some tests using the certificate login for https://wiki.cacert.org/.

This evening I activated this function on our wiki server.

Trying to login to https://wiki.cacert.org/ using an unknown email-adress will NOT create a new account: You have to create an account first using the email-adress, which is listed in your client certificate.

If the certificate-authentication fails (no matter, if you use no client certifcate, an expired one or a certificate, which does not match your email-adress) you can use the normal “classic” username/password-credentials to login.

While installing the client certificate login for CAcert wiki I updated the root-certificate there to the resigned one.

Kind regards,

Dirk Astrath (CAcert wiki admin)

Bugs updated

Within the last days we ran some tests and updated the CAcert Bugtracker https://bugs.caccert.org/ .

It’s now running with the latest version of Mantis, which now has a responsive design. You may now read, add and comment bugreports even from your Smartphone or Tablet.

Two additional changes were done while updating to Mantis 2.4.0:

(1) The certficate chain of https://bugs.cacert.org was updated to the resigned roots.

(2) You may now login using your Mantis username or your email-adress.

This change is needed for the next update, which will be activated in some days:

You may then login to Mantis using a valid CAcert certificate. We’ll give you an update as soon as the tests are finished and the plugin is activated.

Kind regards,

Dirk Astrath (CAcert Software Assessor)

Paris vous acceuille en mois de Mai

CAcert at ParisLe prochain rendez-vous mensuel à Paris à lieu le
mardi 23 mai 2017 entre 19:00 heures et 20:00 heures

Nous vous proposons une rencontre pour toutes personne intéressée par CAcert. Validation, cértification, accrédidation de vos identités et informations sur CAcert.

Bar de l’Hôtel Novotel Les Halles
8, place Marguerite de Navarre
Paris 1er, Mo Châtelet
Pour plus d’informations: voir le wiki.

If you stay at Paris, do not miss to join the local CAcert assurer group to pass a nive evening with them at Mai 23rd!

Rendez-vous à Paris en avril

Le prochain rendez-vous mensuel à Paris à lieu le
jeudi 20 avril 2017 entre 19:00 heures et 20:00 heures

Nous vous proposons une rencontre pour toutes personne intéressée par CAcert. Validation, cértification, accrédidation de vos identités et informations sur CAcert.

Bar de l’Hôtel Novotel Les Halles
8, place Marguerite de Navarre
Paris 1er, Mo Châtelet
Pour plus d’informations: voir le wiki.

If you stay at Paris, do not miss to join the local CAcert assurer group to pass a nive evening with them at April 20th!

Accrédidation à / Assurance in Paris

Le prochain rendez-vous mensuel à Paris à lieu le
mardi 21 mars 2017 entre 19:00 heures et 20:00 heures

Nous vous proposons une rencontre pour toutes personne intéressée par CAcert. Validation, cértification, accrédidation de vos identités et informations sur CAcert.

Bar de l’Hôtel Novotel Les Halles
8, place Marguerite de Navarre
Paris 1er, Mo Châtelet
Pour plus d’informations; voir le wiki.

If you stay at Paris, do not miss to join the local CAcert assurer group to pass a nive evening with them at March 21st!

CAcert 2017

February brought the start of the exhibition season for CAcert with our presence at FOSDEM – one of the biggest Europe-wide developer conferences in Brussels, Belgium. Of course we performed our well-known assurances, which is very popular at such events, with which CAcert safeguards its certificates by checking users’ ID documents. This allows us to offer a safe and trustworthy certificate authority to our users. Of particular note was that interested people were seeking more detailed information about security – questions such as what it actually means, and why are we not yet in the trust stores of many of the web browsers. It’s true that Let’s encrypt is trusted by the popular browsers, but if you take a close look at the certificate of a site protected with a Let’s encrypt certificate, you will find out that it does not contain any information about the owner. This means it is impossible to verify the identity of the site and therefore it is basically uncertain to which site the browser is actually connected to. CAcert allows the site owner to publish identification information in the certificate after the assurance – for private users as well as for companies. This way, CAcert offers a clear mutual trust, which makes it worth importing the CAcert-Root-certificate from www.cacert.org.

But there’s more: CAcert offers client certificates as well and signs GPG/PGP keys. Anyone who always wanted to sign his emails and encrypt them if needed, can do this easily with CAcert. Most email clients supports S/MIME certificates or PGP. By this means the authenticity of the sender is verified, and the receipient can verify the name of the certificate owner. Also attachments like PDF can be signed this way and protect the document against later changes.

CAcert is supported by an Australian non-profit association, the operation of the server is safeguarded by the German incorporated society secure-u. This structure has advantages, but the Australian society is possible only as long as CAcert has at least three Australian residents as members of the board. In 2017 we want to bring the association behind the web of trust to Europe. This limits the resources of many of the active members, because the handover must be done under appropriate rules. Anyone who wants to support CAcert can find more details at recent blog post “Prosit 2017” or can send an e-mail to support@cacert.org

For a secure 2017!
Your CAcert

CAcert and secure-u e.V. present at FOSDEM 2017

CAcert and secure-u e.V. will be present at FOSDEM 2017, the Free and Open Source Software Developers’ European Meeting in Brussels, on February 4th and February 5th.

If you want to help at our booth, register yourself on our events wiki page for FOSDEM 2017 planning.

CU at FOSDEM …

Prosit 2017

Ja, 2017 will ich bei CAcert mithelfen.

Yes, I want to give CAcert a hand in 2017.
NeujahrOui, en 2017 je donnera un coup de main à CAcert.

Ja, in 2017 wil ik helpen met CAcert.

Sí, en 2017 quiero ayudar a CAcert.

Sim, em 2017 eu quero ajudar a CAcert.

This post was published at New Year in New South Wales.

Two members of CAcert Inc. honored for loyal services

In a few hours, the year 2016 will be over. So, the secretary of the new elected committee of CAcert Inc., the infrastructure partner of the CAcert comunity, had just enough time, to show his gratitude to two members of the association who were active in the association for exactly five years. That is the reasons, why he handed over them a (virtual) golden watch as sign of thank you.

Kevin Dawson from New South Wales, the home of CAcert, became Public Officer in 2011 and remained in this function until 2016. As public officer, he dealed with the New South Welsh government and was contact person for the Office of Fair Trade and CAcert’s bank. Furthermore, Kevin Dawson, had a seat in the committee from 2011 to 2013 and in the transition committee in summer 2016. We sincerely thank Kevin for his excellent work, which he has done silently at the other end of the world, but always exactly and well, and regret that he is now concentrating on new things.

The second gold watch for five year loyal services to CAcert Inc. was handed over to Dirk Astrath from Germany, the country with the most community-members. He startet – at the same time as Kevin as Public Officer – as assessor in the committee. Later he hold the functions of secretary, vice president and president with exception of winter 2015/2016. If everything goes well with the “move” of CAcert Inc. Dirk will have been the last president of the Australian association.