Monthly Archives: May 2006

Time for people to stop using SORBS

8 Replies

I like many others thought the DUL list sorbs keeps was a good idea, that is until today.

Today I noticed a lot of bounced emails (please note I’ve had servers in the colo working fine for the past 9 months and it’s never relayed spam or anything.) and realised they’d added a subnet block to their list I had so I go ahead and ask for it to be removed and they denied my application simply because the reverse lookup on the IP appears to be dynamically allocated.

So I appeal to everyone to tell them to knock off this ridiculous practise, especially when asked to remove IPs from the ranges.

Actually it’s getting to the point that RBL lists are uselessly populated with false positives, so really is there any point in using them any more?

over 6000 Assurers

2 Replies

Duane postet at 2005-05-06:

It’s taken 2 years, 2 months, and 6 days but finally we have reached 2000 assurers.

Today, another year later we have reached over 6000 Assurers, over 53,000 valid Certificates and so it goes on.

The 13th Assurer

Leave a reply

Or why we start demanding the 26 eyes principle …

The assumed quality of human manual identity verification is 99%, giving an error rate of 1%. That was the main reason behind the 4 eyes principle rule at CAcert, trying to have at least 2 assurers verify the identity of a person. Statistically, this should reduce the error rate to 1:10,000 . In practice, we had a lot of cases already, where the second assurer noticed small problems, that the first assurer oversaw, which resulted in correcting the error. (Most errors are numerical errors with the birthday, or smaller mistakes in the name). So the system seemed to work fine that way. Until an assurer noticed a couple of days ago, that there are 2 small errors in the name in an account, and that there were already 12 other assurers that assured the person, without noticing it.
Statistically, the possibility for 12 assurers not noticing it should be 1:1,000,000,000,000,000,000,000,000 (according to the statistical model) 😉
Thanks to the 13th Assurer for noticing it!
Your CAcert Quality Assurance Department

SANE (network and systems admin conference) Cacert Assurances in Delft Holland

Leave a reply

At the SANE2006 system and network admin conference running from 15th of May 2006 up to Friday 19th of May 2006 in Delft, Holland (see SANE2006) CAcert Assurances as well PGP signing can be done. At Wednesday 17th of May 2006 there is from 18:30 a special (free entrance) Bazar with a CAcert booth to obtain your assurance or to assure others.

The event location is: TU Delft, Aula Congress Centre, Mekelweg 5, Delft, Holland.

Be prepared and do your preparations see CAcert web site or SANE2006 CAcert info.

CAcert Assurances at USENIX’06 conf May 30-June 3 2006, Boston USA

Leave a reply

At the annual technical USENIX’06 conference running from 30th of May till June 3rd, 2006 in Boston, USA you will be able to be assured by CAcert Assurers and obtaining more information at the Birds of Feather session at one of the evenings at the conference. If you only want to be assured and not attend the conference feel free to walk in and ask for a CAcert Assurer. If you want your PGP key signed feel free to drop in as well.

Be prepared and visit the CAcert web site for the preparations (Assurer Forms, registration account, etc.).

For more information see BOSTON06