Category Archives: News

News Relating to CAcert

CAcert’s OpenID Connect is now working

CAcert was represented at Froscon last week end. Our volunteers presented the new OpenID Connect project and discussed with the attendees. In fact, an exciting development this year was the completion of a first version of the CAcert OpenID Connect tool, allowing our members to use their Client Certificates to log in to various other services without using passwords. Services such as Nextcloud, Mantis, and possibly Drupal and WordPress can provide our members easy access. Work will continue on this project into the next month.

CAcert staff talking to interested public and giving assurances at FrOSCon booth

Are you so enthusiastic that you want to help out yourself? Read here what opportunities are available to you! Or how you can cover the operating costs with a small donation of €10: https://paylink.conotoxia.com/t3A15JkVVW or IBAN CH02 0077 4010 3947 4420 0

«CAcert Inc» is supporting the Community for over 20 years

Twenty-one years ago today, CAcert Inc was founded as the organisation behind the CAcert community. However, the rather crazy story of CAcert began the year before: Australian Duane Groth founded the CAcert community in 2002 with the aim to offer digital certificates for everyone to form such a confidence and safety consciousness in and around the Internet. He wanted to secure the WLAN network of his hometown, which was too expensive, so started the community.

It soon became clear that the operation of a certificate authorithy requires certain structures. This is why the three-part structure of CAcert was invented:

  • the community of all users, teams and assurers where no one can take power or control; resolutions takes a kind of parliament (legislature), the Policy Group, in which any interested member of the community can participate
  • the association CAcert Inc with an elected committee (executive), which manages the business for the community as a legal entity
  • a mediation body, called arbitration, the judiciary

These three parts are bound together by the CAcert Community Agreement, or CCA for short. The CCA is recognised by all members of the community and the association, but also by all users of a certificate. In addition, this recognition is renewed each time a certificate is created or renewed. The CCA is therefore an extremely strong bond that holds together the several hundred thousand members of the community with CAcert Inc and Arbtration. CAcert Inc was registered in New South Wales 20 years ago today. Today CAcert Inc is based in Switzerland.

Über zwanzig Jahre «CAcert Inc» – eine Erfolgsgeschichte (deutsch)

Heute vor einundzwanzig Jahren wurde CAcert Inc. als die Organisation hinter der CAcert-Gemeinschaft gegründet. Die ziemlich verrückte Geschichte von CAcert begann jedoch schon im Jahr zuvor: Der Australier Duane Groth gründete 2002 die CAcert-Gemeinschaft mit dem Ziel, digitale Zertifikate für jedermann anzubieten, um so ein Vertrauens- und Sicherheitsbewusstsein im und um das Internet zu bilden. Er wollte das WLAN-Netz seiner Heimatstadt sichern, was aber zu teuer war, und gründete deshalb die Gemeinschaft. Schnell wurde klar, dass der Betrieb einer Zertifikatsautorität bestimmte Strukturen erfordert. Aus diesem Grund wurde die dreiteilige Struktur von CAcert erfunden:

• die Gemeinschaft aller Nutzer, den Teams und Assurern in der niemand Macht oder Kontrolle ausüben kann; Beschlüsse fasst eine Art Parlament (Legislative), die Policy Group, an der jedes interessierte Mitglied der Gemeinschaft teilnehmen kann
• der Verein CAcert Inc mit einem gewählten Vorstand (Exekutive), der als juristische Person die Geschäfte für die Gemeinschaft führt
• eine Schlichtungsstelle, das sogenannte Schiedsgericht, die Judikative

Diese drei Teile sind durch das CAcert Community Agreement, kurz CCA, miteinander verbunden. Das CCA wird von allen Mitgliedern der Gemeinschaft und des Vereins, aber auch von allen Nutzern eines Zertifikats anerkannt. Außerdem wird diese Anerkennung jedes Mal erneuert, wenn ein Zertifikat erstellt oder verlängert wird. Die CCA ist also ein äußerst starkes Band, das die mehreren hunderttausend Mitglieder der Gemeinschaft mit CAcert Inc und Arbtration zusammenhält. Heute vor 20 Jahren wurde CAcert Inc. in Neusüd-Wales registriert. Heute hat CAcert Inc. seinen Sitz in der Schweiz.

Plus que vingt ans de «CAcert Inc» – une histoire à succès (français)

Il y a vingt et un ans aujourd’hui, CAcert Inc. a été fondée en tant qu’organisation de patronage de la communauté CAcert. Cependant, l’histoire un peu folle de CAcert a commencé l’année précédente : L’Australien Duane Groth a fondé la communauté CAcert en 2002 dans le but d’offrir des certificats numériques à tout le monde afin de créer une conscience de confiance et de sécurité sur et autour de l’internet. Il souhaitait sécuriser le réseau WLAN de sa ville natale, qui était trop coûteux, et a donc créé la communauté. Il est rapidement apparu que le fonctionnement d’une autorité de certification nécessitait certaines structures. C’est pourquoi la structure en trois parties de CAcert a été inventée:

• la communauté de tous les utilisateurs, équipes et assuers où personne ne peut prendre le pouvoir ou le contrôle; les décisions sont pris par une sorte de parlement (législature), le Policy Group, auquel tout membre intéressé de la communauté peut participer

• l’association CAcert Inc avec un comité élu (exécutif), qui gère les affaires pour la communauté en tant qu’entité juridique

• un organe de médiation, appelé arbitration, le pouvoir judiciaire.

Ces trois parties sont liées par l’accord communautaire de CAcert, ou CCA en abrégé. Le CCA est reconnu par tous les membres de la communauté et de l’association, mais aussi par tous les utilisateurs d’un certificat. De plus, cette reconnaissance est renouvelée à chaque fois qu’un certificat est créé ou renouvelé. Le CCA est donc un lien extrêmement fort qui unit les quelques centaines de milliers de membres de la communauté à CAcert Inc et Arbtration. CAcert Inc a été enregistré en Nouvelle-Galles du Sud il y a 20 ans aujourd’hui. Aujourd’hui, CAcert Inc est basée en Suisse.

Software Team extended

They repair our systems, expand them and adapt them to new requirements. Put new functions through their paces. They deal with errors and find innovative and pragmatic solutions. They also plan, develop and programme new pillars for CAcert. We are talking about a dedicated small group of volunteers known as “Software Team”. When you talk to them, you can immediately sense the enthusiasm with which they work in their free time to create new things together and make progress.

The fact that various small projects have been completed in recent months, that age-related weaknesses have been ironed out and errors rectified, and that a major new project has been brought to the finishing line, is not only thanks to the dedication of these people, but also to the fact that they have succeeded in winning over others. The software team has actually grown this year, with new members joining the team. In fact, the software team has actually grown this year, with new members joining the team.

New recruits initially take on small tasks, working hand in hand with volunteers who know our systems inside out like nobody else. Once they have passed the security check, formerly known as ABC, replaced some time ago by BGC, they also help with work on system-relevant software. Welcome to the Software Team of CAcert!

Contribute to our expenses with €10 https://paylink.conotoxia.com/t3A15JkVVW or IBAN CH02 0077 4010 3947 4420 0

Official announcement

Following a motion of May 16th, 2024, the Secretary has to announce ex officio to the members of the community that there will be a discussion in the Policy Group on the continuation or termination of the CAcert Community Agreement, and thereby CAcert Inc and CAcert Community.

Gemäss Beschluss vom 16. Mai 2024 soll der Sekretär von Amtes wegen die Gemeinschaft darüber informieren, dass einige Mitglieder in der Policy Group eine Diskussion über die Beendigung der CCA und somit der Gemeinschaft und des Vereins lanciert haben.

CAcert significantly reduces power consumption

DEUTSCH weiter unten FRANÇAIS voir plus bas

The operation of servers in a data centre is always associated with power consumption. And at the latest since the winter of 2022/2023 with the energy shortage in Europe, broad sections of the population have also realised that electricity consumption is associated with costs.

We at CAcert have been looking at our technical equipment for some time now: on the one hand, it should be cost-effective to purchase, as we don’t have an infinite amount of money and handle our friends’ donations with care. On the other hand, we will also take a look at the operating costs.

Some time ago, we drew up a plan to replace old, long-depreciated appliances that were becoming increasingly prone to failure and consuming a lot of electricity in several stages. The planning and initial steps were started by Secure-U before the machinery was transferred to CAcert Inc.

A look at the diagram above shows the success of these measures. August is shown as an example for the years 2014-2022, followed by all months for 2023-2023: Consumption was reduced from 600-800 kWh to around 200 kWh in two steps. This enabled us to offset the doubling of the electricity price.

Anyone who wants to share in the reduced electricity costs or make a contribution to fill the hole in the till that the purchase of the machines has torn as a small thank you to those volunteers who did the installation of the new servers in their spare time for you: Donation account CAcert: IBAN CH02 0077 4010 3947 4420 0 or with bank or credit card.

CAcert reduziert Stromverbrauch signifikant
Der Betrieb von Servern in einem Datenzentrum ist immer mit Stromverbrauch verbunden. Und spätestens seit dem Winter 2022/2023 mit der Energiemangellage in Europa ist auch breiten Schichten bewusst, dass Stromverbruach mit Kosten verbunden ist. Wir von CAcert beschäftigen uns schon länger mit unserer technischen Ausrüstung: Einerseits soll sie kostenkünstig sein in der Anschaffung, da wir nicht unendlich viel Geld haben und mit den Spendengeldern unserer Freunde sorgfältig umgehen. Andererseits werden wir auch einen Blick auf die Betriebskosten.

So haben wir schon vor längerem einen Plan erstellt, wie wir alte, längst abgeschriebene Gerät, die immer störungsanfälliger wurden und viel Strom verbrauchten in mehreren Schritten ersetzen können. Die Planung und die ersten Schritte wurden noch von Secure-U begonnen, bevor der Maschinenpark an CAcert Inc überging. Ein Blick auf obenstehendes Diagramm zeigt den Erfolg dieser Massnahmen. Für die Jahre 2014-2022 ist jeweils exemplarisch der August gezeigt, anschliessend alle Monate für 2023-2023: Der Verbrauch von 600-800 kWh konnte in zwei Schritten auf rund 200 kWh gesenkt werden. So konnten wir die Verdoppelung des Strompreises auffangen.

Wer sich an den reduzierten Stromkosten beteiligen will oder mit einem Beitrag das Loch in der Kasse auffüllen, das die Anschaffung der neuen Maschinen gerissen hat: Spendenkonto von CAcert: IBAN CH02 0077 4010 3947 4420 0 oder mit Bank- oder Kreditkarte.

CAcert réduit massivement la consommation d’énergie
L’exploitation de serveurs dans un centre de données est toujours liée à la consommation d’électricité. Et depuis l’hiver 2022/2023 et la pénurie d’énergie en Europe, de larges couches de la population sont conscientes que la consommation d’électricité est liée à des coûts.

Chez CAcert, nous nous préoccupons depuis longtemps de notre équipement technique : d’une part, il doit être peu coûteux à l’achat, car nous n’avons pas des moyens illimités et nous gérons avec soin les dons de nos amis. D’autre part, nous allons également jeter un coup d’œil sur les coûts d’exploitation.
Ainsi, nous avons établi depuis longtemps un plan pour remplacer en plusieurs étapes les anciens appareils amortis depuis longtemps, qui devenaient de plus en plus sujets aux pannes et consommaient beaucoup d’électricité. La planification et les premières étapes ont été entamées par Secure-U avant que le parc de machines ne soit transféré à CAcert Inc.

Un coup d’œil sur le diagramme ci-dessus montre le succès de ces mesures. Pour les années 2014-2022, le mois d’août est montré à titre d’exemple, puis tous les mois pour 2023-2023 : La consommation de 600-800 kWh a pu être réduite en deux étapes à environ 200 kWh. Nous avons ainsi pu compenser le doublement du prix de l’électricité.

Ceux qui souhaitent participer à la réduction des coûts d’électricité ou combler par une contribution le trou dans la caisse que l’achat des nouvelles machines a creusé : Compte de dons CAcert: IBAN CH02 0077 4010 3947 4420 0 ou avec une carte bancaire ou de crédit.

Finally: Create a Client Certificate in the Browser

Since Google and Mozilla have removed the <keygen> element we use from the HTML standard and from their browsers, we have endeavoured to provide a valid replacement so that client certificates can once again be created so easily that even my grandmother could do it.

Finding a solution was not easy; other CAs were also sweating bullets here. The solution that we have been offering for some time now was initially somewhat hidden, but has since been prominently linked as the seventh service on our community portal community.cacert.org.

Both the new solution and the community portal are the result of the tireless work of a small group of volunteers. As a small thank you, you can make their work easier by not having to worry about CAcert’s operating costs. Donation account CAcert: IBAN CH02 0077 4010 3947 4420 0 or with bank or credit card.

Merry CAcertmas!

Dear friends and members of the CAcert community. Are you curious and want to know what is wrapped in the package under the tree? This year, Father Christmas has packed something really nice.

As always with CAcert, you can unwrap it faster and enjoy it more quickly if you help out a little. Translate a little. Or do a little programming. Or test a few new functions. Or like this. To do so, you find further information on the web or write to our secretary.

CAcert Services mostly running again

In Wednesday another visit at the datacenter took place, where we installed the updated webdb1-machine to the rack.

There are still some minor issues left (e.g. language selection for main website, automatic mails), which will be activated again remotely withins the next days.

This time the available time on critical teams site was blocked by some investigation issues (e.g.: What caused the outage, why did the internal routines and raid did not work) and non CAcert-related issues (as we all have a family and job, which are time-consuming as well) and and outage of usable internet-connection on critical teams site.

Naming this: If you’re living next to or in Netherlands and want to give us a helping hand for infrastructure and (possible) critical team feel free to contact us via support.

New board allready started

On 7 December, the committee of CAcert Inc (also known as “board”) was constituted as follows:

  • President – Brian McCullough
  • Vice president – Kim Nilsson
  • Treasurer – Frédéric Grither
  • Secretary – Étienne Ruedin
  • Board members – Aleš Kastner, Frédéric Dumas

Two weeks earlier, the board had already discussed organisational issues in depth at a closed meeting. It is aware that collaboration via virtual channels does not only bring advantages. In order to meet these high demands in the future, the committee will continue to address these issues in the coming weeks. Last autumn, those responsible were introduced to the topic by a management consultant specialising in non-profit organisations, who thankfully did this pro bono.

New drive for CAcert Inc

At the Annual General Meeting 2022/2023 of our Geneva based operating association CAcert Inc on November, 11th, 2023, the members of CAcert Inc elected a new committee (also known as “board”). Some familiar faces are still involved, complemented by new blood from Bohemia. We can announce the constitution at the beginning of December.