We are desperately seeking multilingual people for a number of reasons, firstly the site is mostly complete in 5 languages other then english and we’d really like to see the website completed in more languages since language is a real barrier for many parts of the world and breaking down this barrier is one of our key goals.

The other reason we are after people is to verify translations, some spelling mistakes and mistranslations on legal documents could be a very big problem in future so it’s important we have as many capable eyes verifying as much documentation as possible. With the verification step we possibly only need people giving feed back in their own language to those helping to translate the website/documents.

One of the big changes of late is being able to produce the CAP and TTP PDFs on the fly via php code, this means our existing translation infrastructure can be used to also translate and keep these documents all in sync, rather then requiring translators to produce and handle PDF files if any changes are made.

The translations of the TTP PDF is especially important to get right since it will be dealing with people most likely unfamiliar with CAcert and our practises and in the past people have been rejected because the documents weren’t translated into their countries official language or because the wording made some people uneasy about signing them.

For more information or if you can help out with any of these things PLEASE by all means don’t be shy and join the translation mailing list and let everyone know what you’re willing and able to help out with.

Some time ago people work trying to work out how to generate dynamic PDFs on the spot to make assurances go a little smoother since a number of the fields could automatically be filled in, and you just setup at a conference or an assurance meeting and print out forms as needed which is a good idea. However at the time the only PDFlib usable in PHP needed a commercial license and CAcert lacked the funding at the time to pursue it further.

Of late I found myself needing to generate dynamic forms for a customer’s billing solution, I ended up using FPDF which is free for both commerical and non-commercial purposes. This then lead me to recall about people making requests for this feature with CAcert and I’ve spent a bit of time today making it a reality as this will be beneficial for a number of reasons.

This now lends itself to be translated in the same manner as the website, so the procedures to track and update phrases in other languages can now be applied to both the CAP and TTP forms. Already a number of people have translated these PDFs into other languages, and further progress is being made as I type this.

So this means that we don’t need to keep a bunch of PDF forms on hand in numerous languages, and updating forms in future is now a very easy task, as changing the layout or information on one form effectively changes them all so reduces work loads all round.

You can view the new forms by going here and here.

Recently yet another debacle has unfolded with Citigroup sending out letters to customers and former customers informing them that their data was lost in transit, all up an estimated 3.9 million records. This is about the 4th such incident in as many weeks to come to light, and the worst to date.

Surely the US banking industry should be loosing money over this as karmic retribution for such poor standards in handling private and confidential information, yet this just doesn’t seem to be the case.

So why are we being punished (by not being included) because we might cause harm, when these banks are doing everything they can to look like a fly by night operation?

CNN has the full story.

Interesting run down on the trojan horse doing the rounds in Israel and how the whole kit and caboodle was brought down by simply targeting the wrong person, and then that person finding their information leaked on the internet.

Read on for more details

For a long time now I’ve realised one of the biggest problems with PKI, especially in organisations, is distribution and management of the keys/certificates. So now that I actually have some hardware to play with it’s enabled me to start working on some solutions to this problem.

My first solution to this problem was also my first attempt at coding a PHP-GTK application as well, one of the benefits of PHP-GTK is it’s ability to be run across many platforms similar to java and .net, the down side was a major lack of decent examples and documentation. I came across numerous applications in the “Hello World”, and some very very advanced applications such as the novap2p app, but there was very little in the way of what I was attempting, so hopefully it will serve as a good demo for others as well as a useful tool for people with hardware crypto devices. The other down side is poor GUI design tools, I ended up using glade, but it is by far the worst GUI design tool I’ve ever used, although I don’t know that the full blame lies with glade, but it could have been made so much better, all the elements are there just some of the defaults are brain dead.

In any case, and a number of other non-php/gtk related issue later, I’ve posted the app online as well as some screen shots to the wiki, it’s a very basic app to make things easier in getting certificates signed and onto PKI cards, but it does work pretty well even if I do say so myself.