Author Archives: alexb

CAcert AGM and New Board

On 2012-11-25 CAcert held its Annual General Meeting. Minutes will be published soon on the wiki.

A new board was elected. We are happy to announce the new CAcert board

  • Dirk Astrath, DE
  • Michael Tänzer, DE
  • Werner Dworak, DE
  • Tomas Trnka, CZ
  • Kevin Dawson, AU
  • Sven Andriske, AU
  • Peter Yuill, AU

A big thank you to all people volunteering and helping to achieve this successful result. CAcert is dependent on many volunteers and is looking forward for your help to achieve such a good result for the coming year.

CAcert at T-DOSE, Eindhoven, Netherlands

On the coming week-end, October, 27th/28th, Technical Dutch Open Source Event (T-DOSE) will take place at the Fontys University of Applied Science in Eindhoven, Netherlands (about one hour drive from Duisburg, Germany, and Brussels, Belgium).

Who wants to get informed about free certificates, e.g. SSL-Server certificates, or client certificates for secure e-mail communication is invited to meet CAcert members for discussion on CAcerts’ T-DOSE booth. Questions about the use of certificates and necessary know-how will be answered.

The location linked in OpenStreetMap. Some navigation from Eindhoven train station can be found on Google Maps.

OpenSSL gap in ASN1 parser

Due to a vulnerability in the OpenSSL ASN1 parser OpenSSL has recently released a new version of their SSL certificate processing programs.

Not affected was the sshd server itself but software which parsed public RSA keys, or the X.509 client certificates, e.g. for logon purposes. The recent OpenSSL versions 1.0.1a, 1.0.0i and 0.9.8v fix this so called “ASN1 BIO” gap.

CAcert has upgraded its installation within 24 hours after the fix was delivered to maintain stability and availability of its public services.


CAcert OA for The Document Foundation

At the CeBIT 2012 booth in Hannover CAcert was able to handover the Organisation Account (OA) for “The Document Foundation”. The Document Foundation is dealing with financial and legal cases on behalf of the open source project LibreOffice.

CAcert hands over OA to The Document Foundation

Picture (Martin Gummi): from left. Thorsten Behrens, Deputy Chairman TDF; Marcus Mängel, CAcert Organisation Assurance Officer; Florian Effenberger, Chairman of the board TDF; Dirk Astrath, Executive Board Member CAcert.

Piratenpartei Mecklenburg-Vorpommern im CAcert Organisation Assurance Program

Gemeinsame Pressemitteilung der Piratenpartei Mecklenburg-Vorpommern und CAcert

Seit kurzem nimmt die Piratenpartei Mecklenburg-Vorpommern an dem Organisation Assurance Program der Zertifizierungsstelle CAcert teil. CAcert stellt Organisationen kostenfrei digitale Zertifikate zur Verfügung. Der Piratenpartei ermöglicht dies zum einen auf Service-Webseiten des Landesverbandes, wie z.B. unseren Umfragewerkzeugen oder der Aufgabenverwaltung, verschlüsselt zu surfen. Zum anderen kann so die Identität der Webseite überprüft werden. Zukünftig sollen die Zertifikate auch auf der Hauptseite eingebunden werden.

Digitale Zertifikate sind die Grundlage für verschlüsselte Kommunikation im Internet. Beispielsweise kann so das Surfen im Internet oder das Versenden von E-Mails gegen Dritte gesichert werden. Die breite Nutzung von Verschlüsselung ist die beste Möglichkeit der sicheren Kommunikation in Deutschland und weltweit. Zudem kann mit Zertifikaten die Echtheit und das Vorliegen des Originalzustandes eines elektronischen Dokumentes nachgewiesen werden.

Die Zertifikate von CAcert sind jedoch nicht standardmäßig in den Browsern enthalten. Dadurch erhalten Nutzer, die die CAcert-Root-Zertifikate nicht im Browser eingebunden haben, eine Warnung, wenn sie beispielsweise die Aufgabenverwaltung der Piratenpartei Mecklenburg-Vorpommern aufrufen. Diese können direkt von CAcert bezogen werden.

CAcert als engagierter, communitybasierter Zertifikatsaussteller (Certificate Authority) bietet jeder Person und jeder Organisation kostenfreie Zertifikate an. Somit hat jeder Nutzer die Möglichkeit, seine Kommunikation im Internet zu verschlüsseln.

CAcert at Chemnitzer Linux-Tage

This week-end, March 17/18, CAcert presents itself at Chemnitzer Linux-Tage (CLT). Our booth is on the ground floor, just left behind the information counter.

On the booth we will inform about CAcert and the adoption of digital certificates. Of course we will perform our Assurances – the identity verification for the CAcert Web-of-Trust. For this please bring governmental issued documents like ID card, passport and driving license.

The CLT are an event about Linux and Open-Source for everybody. On the CLT you will find more than 60 community project and company booths. Praxis Dr. Tux will help you regarding Linux installations. Furthermore there will be talks about a variety of topics.

Further information about the presentations on the fair:

Am Wochenende 17./18. März präsentiert sich CAcert auf den Chemnitzer Linux-Tagen (CLT). Unser Stand befindet sich im Erdgeschoss gleich links hinter dem Informationsstand.

Am Stand informieren wir über CAcert und es finden die für das Web of Trust erforderlichen Identitätsüberprüfungen statt. Hierfür erforderlich sind behördlich ausgestellte Dokumente, wie Personalausweis, Reisepass und Führerschein. Gleichzeitig können wir Tipps geben, wie unsere Zertifikate in typische Programme eingebunden werden können.

Die Chemnitzer Linux-Tage sind eine Veranstaltung rund um das Thema Linux und Open Source für jedermann. Weitere Informationen über die Chemnitzer Linux-Tage unter

CAcert at CeBIT 2012

On Friday, March, 9th, CAcert is going to be present in hall 2 booth D64/2 at LibreOffice the whole day with its own demopoint and talks. Additionally the Assurances will also be held daily except friday at noon (12:00 hrs.) in front of hall 2 in the direction of the grassed area.

The CeBIT in Hannover is is the digital industry’s biggest, most international event. With its overarching theme of “Managing Trust – Trust and security in the digital world.” CeBIT introduces the main topic of CAcert: Trust by using digital certificates. We will show you which benefit give CAcert certificates over other vendors.

On the booth we will inform about CAcert and the adoption of digital certificates. Of course we will perform our Assurances – the identity verification for the CAcert Web-of-Trust. For this please bring governmental issued documents like ID card, passport and driving license.

Above all we are going to hold talks about “Managing Trust” and document signing with CAcert certificates in LibreOffice.

The talks in detail:
10:00 Trust – the root of evil?! (english)
12:00 Dokumente signieren in LibreOffice (german)
14:00 Trust – the root of evil?! (german)
15:00 Document signing in LibreOffice (english)

CAcert at FOSDEM in Brussels, BE

CAcert joins the open source event FOSDEM at ULB Brussels, Belgium on weekend February 4th/5th. Our stand is located in the K building on the ground floor. Our staff will happily answer your questions regarding CAcert and its certificates and perform assurances with you. Also for the CAcert fans of you we will bring our polo shirts for purchase.

If you come to the FOSDEM there are two important meetings you shouldn’t miss:

Saturday 16:00 room H.2214 talk “Trust – the root of evil?!”
One of our active members Benedikt Heintel is going to have a talk about trust: In a highly connected world like ours is trust one of the most important assets. But what if the root to trust is not trustworthy? This talk enlightens why most commercial CAs are not trustworthy by default, what we can learn from 2011’s cases like dutch DigiNotar and Malaysian DigiCert, what makes CAcert different, why CAcert is not in the browsers by default and what we do to make it happen.

Sunday 12:00 noon room Ferrer assurance party
Like previous years, participants can get assurances for their CAcert account to issue certificates valid for two years. For the assurance you will need at least one piece of official government-issued photo identification. Please register beforehand on the CAcert website and download the CAcert Certificate Assurance Programme (CAP) form. It is recommended to bring at least ten printed forms with you.

New Board of Directors constituted

After the election of the new board on 2011-11-27 on the Annual General Meeting the new board has now constituted itself. Due to the fact that not enough australian board members were elected a Sub Committee was set up according to CAcert Inc. rules.

The current CAcert Inc. Committee – the Board of Directors – consists of

  • Piers Lauder, AU, President
  • Dirk Astrath, DE, Vice President
  • Jeffrey Frederick, US, Treasurer
  • Tomáš Trnka, CZ, Secretary
  • Raoul Xavier Boerlage, NL, member
  • Ian Grigg, AU, member
  • Kevin Dawson, AU, member

The CAcert Inc. Sub Committee consists of all the members of the CAcert Inc. Committee including the elected members

  • Michael Tänzer, DE, member
  • Werner Dworak, DE, member

Both are supporting the Board of Directors, participate in decisions and carry motions.

Kevin Dawson was appointed as Public Officer. He is the Association representative at the Australian Office of Fair Trading and is the co-acting Treasurer on behalf of CAcert Inc. President.

Changes at CAcert: New Points Counting

We are proud to announce recent changes in the CAcert website. Although there have been quite a few changes in the past, mostly they have happened “behind the scenes”. Today we can announce more visible changes:

1. Change to My Points page
The Point list in the menu under “My Details” -> “My Points” will be enhanced. Main Point is: The Assurance Points received and given will be allocated in a new way. The crucial point was the working total of Assurance Points allocated to the Assuree. Previously, only the beneficial points were displayed, and points allocated in Assurances were rounded down if in excess of 100.

From now on, all allocated points are displayed. The Assuree can still only benefit up to a maximum of 100 Assurance Points. As an Assurer, the member may benefit up to a maximum of 50 Experience Points by assuring other members. The new list will display the calculation much more transparently. Please have a look at the new points listing at

2. Tverify points revoked
Along with this change, all points allocated under the old Tverify program will be revoked in the near future. The Tverify program to transfer points allocated by Thawte Notaries across to CAcert members was stopped sometime ago. Tverify points cannot be verified by CAcert (for example, they cannot be distinguished between the different Notaries), and therefore, these points will be revoked soon. If you are unsure about your level of assurance, we recommend that you seek further assurance from CAcert Assurers.

By performing these measures, we take another step towards a successful audit. Passing the audit is an important building block to be accepted as a CA in the internet browsers.

3. Check your Alert Settings
We would like to advise you of another important fact: In the future, we intend to send you further newsletters with our most important news, every few months. This present newsletter is being sent to all CAcert Community Member in a one-off mailing. For the future, please check your settings online at under “My Details” -> “My Alert Settings” or at and choose which newsletters you want to receive. In the future, we intend to rely on your settings so as to send our newsletter only to those who wish to receive the specified information.

Best regards,
Alexander Bahlo
Officer for Public Relations

Further information on the New Points counting: